SAP Threat Monitoring
Secure the Core. Detects & Reports exploits in real-time 24/7.
- Instant SIEM connectivity. Seamlessly connect SAP with splunk, ArcSight, LogRhythm, IBM QRadar, and Azure Sentinel
- SAP Fiori® Apps for Monitoring and Investigation
- An event timeline feature that simplifies investigations
- Report SAP security threats as an incident, via Drag and Drop
- Filter and whitelist SAP real-time threats
- Keep the SAP threat monitoring updated using standard configuration catalog for 100+ listeners, covering hundreds of identification patterns and signatures
- Rule-based SAP security threat monitoring response framework
- Detects also real-time SAP Code Vulnerability threats
SAP Certified – SecurityBridge is the most innovative and complete SAP threat detection solution available for organizations running SAP©. The threat potential against market leaders like SAP SE© is growing and becoming more sophisticated. Protect your business-critical applications with the most advanced technology.
SAP Threat Detection in a nutshell
In this short video you will get an overview of the SAP threat monitoring features of SecurityBridge Threat Detection for SAP. The SAP cybersecurity solution analyzes SAP logs in real time and reports anomalies in user or system behavior.
Install & Run
SecurityBridge resides within the ABAP stack, no additional hardware required. It comes preconfigured with hundreds of SAP-specific attack and vulnerability detection patterns. Once unboxed, SecurityBridge is easily activated and put into production, without lengthy implementation phase.
SecurityBridge not only evaluates the SAP Security Audit Log, it continuously scans and correlates all log sources which may impact the security posture of your system. Machine intelligence is applied to alert on critical events and discard the false positives.
SecurityBridge is updated continuously based on internal research and latest SAP security publications. SecurityBridge customers are always able to use the latest features and run the most recent SAP threat detection signatures.
How it works
Architecture: simple but effective
SecurityBridge works with a centralized architecture, using a SecurityBridge Controller (SBC) that connects to the SecurityBridge Agents (SBA).
Real-time SAP threat detection works like this:
- Once The SecurityBridge controller starts the SAP Threat Detection routines on one, or all agents, the SAP threat monitor receives continuous information. It analysis the available SAP log sources for application-specific threats, attack patterns, and zero-day vulnerabilities.
- SAP threat alerts are created by the threat monitoring correlation engine, which also considers user behaviors. False positives can be eliminated using filter settings, which are configured using the SAP Fiori user interface, and are distributed to the Agents with a single click.
The result is a high-quality and accurate SAP threat monitoring that continues 24/7.
- The product can be installed on any SAP® NetWeaver ABAP Stack-based system and is shipped within its own namespace. SB also supports SAP S4/HANA, SAP HANA and runs on-premise or within cloud environments i.e. SAP HANA Enterprise Cloud, Amazon Web Services (AWS), Microsoft Azure for SAP or Google Cloud.
No additional hardware is needed with SecurityBridge monitoring. The SAP Threat Detection operates seamlessly, 24/7. It is frictionless with no interference or performance impact on your systems.