How to Configure SAP Enterprise Threat Detection for Increased Surveillance and Real-Time Analysis of Security Threats

  • by Kehinde Eseyin, Security Architect
  • April 14, 2016
Mining important security-related logs has always been a challenge for most enterprises: the difficulty lies in gaining appropriate security intelligence from the collected data sets in order to forestall malicious attacks from within and outside the enterprise. Kehinde Eseyin shows how to set up the SAP Enterprise Threat Detection system landscape to facilitate log collection and subsequent analysis.
Learning Objectives

Reading this article, you’ll learn how to:

  • Maintain a workspace repository and background jobs in SAP HANA for an SAP Enterprise Threat Detection (SAP ETD) use case
  • Import, configure, compile, and deploy SAP ETD projects in SAP Event Stream Processor (ESP)
  • Set up the SAP ABAP system as a log provider and consequently access the SAP ETD launch pad
Key Concept

In view of the increasingly complex computer-driven business processing environment, it is expedient to have tools and resources in place to detect, analyze, and respond to cyber and related security threats. SAP Enterprise Threat Detection (SAP ETD) is based on the SAP HANA database. It allows you to perform real-time assessment and evaluation of security threats in your IT landscapes by leveraging SAP and non-SAP log data. Products such as SAP ETD are designed to provide the desired surveillance for enterprise IT infrastructures and a certain level of assurance that you can detect vulnerabilities before the risks are realized.

SAP Enterprise Threat Detection (SAP ETD) brings insight into the analysis of different logs, including business transaction, change document, SAP Gateway, HTTP server, read access, security audit, system, and user change logs. It is designed to bring knowledge about attack patterns into an executable format so that attacks can be detected automatically. This product is useful for real-time security monitoring and ad hoc analysis for forensic investigation and compliance processes. It leverages the capability of SAP HANA and SAP Event Stream Processor (SAP ESP) for analysis of different types of logs in both SAP systems and non-SAP systems.

In this article, I discuss how to configure an SAP ETD system and set up the SAP NetWeaver ABAP system as a log provider for enhanced log mining, threat detection, improved system security, and forensic investigation.

Kehinde Eseyin

Kehinde Eseyin is a security architect. He holds a bachelor’s degree in computer science. He has about 12 years of IT security, governance framework, IS risk, and compliance experience gained by working in numerous global organizations. Over the years, he has demonstrated competencies in security design, information assurance, cyber security, data privacy, threat and vulnerability management, penetration testing, business architecture, project management, IT audit, IS controls framework, and identity and access management.
 
