Threat Monitoring Cases – Enterprise Threat Monitor

Enterprise Threat Monitor comes preconfigured with hundreds of SAP specific attack detection and compliance violation rules including those that monitor for unauthorized access to critical data, exploitation of vulnerable SAP functions, malicious usage of debug privileges, and unauthorized creation of users.

Security

Detecting SAP attack patterns

Sample SAP Attack Detection Use Cases

SAP debugging is used for bypassing transaction authorizations
A malicious SAP transport is imported
An unauthorized user assigned a critical SAP role to another user
An operating system command is executed using SAP functions

Compliance

Detecting compliance violations

Sample SAP Compliance Use Cases

An SAP system is opened to changes
An HR terminated employee’s SAP account is used for connecting to an SAP system
Account sharing is detected
An incompliant security configuration is detected

Security Configuration

Detecting unintended changes

Sample SAP Security Configuration Monitoring Use Cases

Security configuration is changed
System modification settings are changed
A system configuration parameter is setup insecurely
A critical transaction is unlocked

Download Enterprise Threat Monitor