Case study | Threat detection in SAP applications & implementation of SAP Enterprise Threat Detection

An important component of a comprehensive security strategy is control over activities performed within the SAP environment to ensure landscape security . This includes monitoring applications behavior with respect to policies and regulatory requirements. This session will discuss three customer scenarios both before and after implementing SAP Enterprise Threat Detection.

Scenario 1

Before implementing SAP ETD the customer could not parse SAP security events or respond quickly to possible threats to their SAP landscape which resulted in a negative audit report. After the project the customer was able to process SAP security events in their Security Operations Center (SOC), successfully passing a security audit at the end of the year.

Scenario 2

Before implementing SAP ETD the customer had no correlation between security events coming from SAP and non-SAP sources and had limited forensic capabilities. After the project the customer was able to collect, normalize, and correlate security events, and integrated SAP ETD with the corporate IT Service desk to improve reaction times. Results included faster reaction to possible cybersecurity threats and general security/basis improvements.

Scenario 3: SAP ETD implementation at Severstal

Prior to implementing SAP ETD, time and resource constraints limited monitoring SAP information security events. Project objectives were to reduce the time required to identify incidents and vulnerabilities, to include key SAP systems in the monitoring scope, and to increase security. Additional connectors were developed during the project to increase the systems covered by SAP ETD.

Attend this session to:

  • Learn about how customers have implemented SAP ETD
  • Understand the benefits SAP ETD brings in making potential threats visible
  • Determine how to reduce uncertainty and improve control over application, user, and system behavior



MEET THE AUTHORS

Daniil Luzin SAP
Read More

Daniil is a Principal SAP GRC and Cybersecurity Consultant at SAP.

Andrei Nifatov SAP
Read More

Andrei is a Senior SAP GRC and Cybersecurity Presales Specialist at SAP.