SAP Enterprise Threat Detection SP06 is Now Available

Support package 06 brings lots of new features. Since the forensic lab is the key tool in SAP Enterprise Threat Detection, improvements there are usually worth a mention. In this support package are several involving operators, which are important for pattern development.

• The threshold in a pattern can now use =, >, <, <=, or >=. The default >= is the behavior that you will be familiar with.
• Value lists now allow the operators EQUALS, LIKE, and LIKE_REGEXPR. EQUALS is to be preferred on performance grounds though.
• In filter paths, the relationship between subsets can now be OR, shown by a chain symbol. This is useful for cross-role filtering, for example – see screenshot below.

Relevant SAP Notes

2517276 – Release Note SAP Enterprise Threat Detection 1.0 SP06 PL00