Skip to Content
Product Information
Author's profile photo Anke-Katrin Rasmussen
Anke-Katrin Rasmussen
July 3, 2019 Less than a 1 minute read

New and updated attack detection patterns with SAP Enterprise Threat Detection 2.0 and SAP security notes

SAP regularly releases security notes for newly known vulnerabilities on Security Patch Day.

With SAP Enterprise Threat Detection (ETD) SAP offers timely updates of attack detection patterns that will help safeguard you against exploit attempts of unpatched systems.

Focus is on newly released and older critical security notes, ABAP, Non-ABAP (e.g. HANA, Java).

The attack detection patterns are made available to customers as SAP ETD content packages on the SAP Service Marketplace.

Update August 09 2019:

New content package for SAP Enterprise Threat Detection available on SAP Service Marketplace

New patterns for SAP HANA audit logging, for instance to alert (accidental or deliberate) deactivation of SAP HANA audit logging functionality (category: critical change of system configuration).

 

Assigned Tags

      4 Comments
      You must be Logged on to comment or reply to a post.
      Author's profile photo Uwe Klein
      Uwe Klein

      When is it planned to deliver patterns for SAP BTP Audit Logs ?

       

       

      Author's profile photo Eugen Pritzkau
      Eugen Pritzkau

      Hi Uwe,

      we expect already existing patterns for SAL (ABAP Sec. Audit Logs) also be valid forĀ  security related SAP BTP Audit Logs. But indeed, SAP BTP Audit Logs provide not sufficient information for successful security analysis. If you have particular attack scenarios you would like to elaborate, please e-mail me, so we could try together to persuade BTP application/framework components to provide over logs needed security related information.

      If you have already logs examples for which you would like to have patterns, please send them to me too.

      Regards,

      Eugen

      Author's profile photo Gaurang Joshi
      Gaurang Joshi

      Hi Eugen,

       

      Do let me know how to connect with you regarding pattern issues which i am facing while trying to configure new patterns.

      I am facing challenges while trying to configure Gateway Log, Change Document and Business Transaction Log event type patterns in my environment. I cannot find a way to define or identify event codes related to these event types.

       

      Regards,

      Gaurang Joshi

      Author's profile photo Eugen Pritzkau
      Eugen Pritzkau

      Hi Gaurang,

      please create a ticket on component BC-SEC-ETD to contact our support for pattern configuration of above logs.

      regards,

      Eugen