Technical Articles
From zero to hero security coverage with Microsoft Sentinel for your critical SAP security signals – blog series
NEWS FEED22.05.23 SAP playbook for audit log re-enablement added😍 |
Dear community,
This blog series sheds light on the plug-and-play automation content available to act on suspicious🕵🏽♂️ activity on SAP RISE, SAP ERP, Business Technology Platform, and Azure AD with Microsoft Sentinel.
Get started with below out-of-the-box scenarios:
| 🔗Part 1 – Basic SAP User blocking (quickstart template) | Understand deployment options, configure your favorite scenario, adapt the Teams message, and start blocking SAP users as quickly as possible |
| 🔗Part 2 – Advanced SAP User blocking (enterprise grade) | Uplevel the basic scenario with secure credential handling and dynamic parameterization to scale the approach across your whole SAP estate with simple configuration |
| 🔗Part 3 – SAP Audit Log re-enable |
Automatically trigger re-activation of the SAP Auditlog if deactivated
|
| 🔗Part 4 – Next best scenario requested by you or shared by the community 😊 |
Supporting blog posts
Generate SOAP services for your legacy RFCs to simplify integration out-of-the-box | SAP Blogs
Revolutionize your SAP Security with Microsoft Sentinel’s SOAR Capabilities
References
SAP Certified Solutions Directory | Microsoft Sentinel
Deploy Microsoft Sentinel solution for SAP® applications in Microsoft Sentinel | Microsoft Learn
Integrating Azure with SAP RISE managed workloads | Microsoft Learn
Microsoft Sentinel solution for SAP® applications – security content reference | Microsoft Learn
How to use Microsoft Sentinel’s SOAR capabilities with SAP | TechCommunity
As always feel free to ask lots of follow-up questions and share your own SOAR scenarios with the community.
Cheers
Martin