Skip to Content

Support package 06 brings lots of new features. Since the forensic lab is the key tool in SAP Enterprise Threat Detection, improvements there are usually worth a mention. In this support package are several involving operators, which are important for pattern development.

  • The threshold in a pattern can now use =, >, <, <=, or >=. The default >= is the behavior that you will be familiar with.
  • Value lists now allow the operators EQUALS, LIKE, and LIKE_REGEXPR. EQUALS is to be preferred on performance grounds though.
  • In filter paths, the relationship between subsets can now be OR, shown by a chain symbol. This is useful for cross-role filtering, for example – see screenshot below.

 

 

Relevant SAP Notes

2517276 – Release Note SAP Enterprise Threat Detection 1.0 SP06 PL00

To report this post you need to login first.

Be the first to leave a comment

You must be Logged on to comment or reply to a post.

Leave a Reply