SecurityBridge
HyperLogging
Selectively collects all SAP Security logs, that matter
With HyperLogging, the SecurityBridge Platform can selectively collect all disparate SAP security logs of an incident.
User Activity Monitoring (UAM) is a known term in the field of information security and in context of SAP, heavily relies on the SAP security logs. It describes the monitoring and recording of end-user actions. HyperLogging enriches the SecurityBridge Platform to address the ever-growing demand for more data and information for forensic investigations. Our “selective – all” approach, is automatically triggered by the Threat Detection sensors contained in SecurityBridge. Once activated, HyperLogging collects data-sets from all available log sources, belonging to the incident.
The security operations team now has the capablity of zooming-in on an incident to gain an in-depth understanding of the background. Having access to such a degree of detail, without any manual effort for collecting the data, enables experts to act quickly with an adequate response to real attacks.
Complexity and the lack of insight are probably the biggest Enemies for Cybersecurity. Attackers gain an advantage when transparent security monitoring is not available.
SecurityBridge Threat Detection, a SAP certified solution, provides actionable insight into suspicious activities in SAP and supports a proactive investigation with HyperLogging.
Instantly available
HyperLogging is an integrated component of the Platform and an instantly accessible feature, for all SecurityBridge clients. The HyperLogging app provides access to the main functions, built with SAP Fiori technology.
Proactive data acquisition
As with the entire SecurityBridge Platform, the footprint for your SAP instance is indetectable. The state-of-the-art implementation of HyperLogging was designed to only select and store SAP security logs that is essential to the security operation teams.
In the event of a cyber incident, the Threat Detection sensor of SecurityBridge is triggered. For severe findings, HyperLogging is automatically activated. It will then proactively start to detect, normalize, and collect all information needed for forensic analysis into a redundant and secured storage container. The solution derives all information (i.e. SAP Security Audit Logs, change docs, statistics, etc.) before and after the incident. This builds a foundation for forensic experts, to determine any loopholes and assess the potential impact of an attack.
SecurityBridge
HyperLogging
Proactively collects all SAP security logs but only stores what really matters
Audit Log
Log
Documents
Intuitive User Interface
SAP has provided a new user experience when introducing SAP Fiori to its product portfolio. SAP Security benefits from this innovation that allows security analysts with less SAP experience, to access data, gain insight, and evaluate the impact of an attacker’s actions.
SecurityBridge – to bridge the gap between SecOps and SAP.
SecurityBridge
HyperLogging
In this related blog article, you can learn how “Star Trek Enterprise” has inspired us to introduce a proactive collection of SAP security logs.
Solution Brief - HyperLogging
In a nutshell
Looking for a condensed document explaining all the information about SecurityBridge’s HyperLogging solution? We’ve got you covered. The Solution Brief combines all the relevant information you need to know about the built-in HyperLogging solution of SecurityBridge for SAP.
Other resources
We got you covered
HyperLogging enriches the SecurityBridge Platform to address the ever-growing demand for more data and information for forensic investigations. Our “selective – all” approach is automatically triggered by the Threat Detection sensors contained in SecurityBridge. Once activated, HyperLogging collects datasets from all available log sources belonging to the incident.
Relevant articles
Security automation
SecurityBridge – HyperLogging enhances the security automation capabilities needed to effectively and effortlessly protect complex, business critical applications. Human resources are often too expensive to manually collect all the details of an attack, instead, their expertise should be focused on analyzing or evaluating the evidence found in the SAP application stack.
