Technology Blogs by SAP
Learn how to extend and personalize SAP applications. Follow the SAP technology blog for insights into SAP BTP, ABAP, SAP Analytics Cloud, SAP HANA, and more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP Security Configuration Dashboard using SAP Analytics Cloud (Template)

WihemArsac
Product and Topic Expert
Product and Topic Expert
‎02-02-2024 7:22 AM

Overview

SAP provides an SAP Analytics Cloud Story for a template of a Security Configuration Dashboard delivered as Community Content. Customers can either use it directly or as a starting point to develop their own more extensive dashboard. The template consumes security configuration data from the SAP Cloud ALM API. Details on the SAP Cloud ALM API can be found in this blogpost.
While SAP Cloud ALM provides basic search and display functionality for the collected data, a security configuration dashboard template based on SAP Analytics Cloud might be useful to complement this visualization.
A documentation including a description on the connection to SAP Cloud ALM system and the consumption of the API to retrieve the data is part of the delivered content.

 

Visualization Examples

The story is prepopulated with sample data to provide an overview of the security dashboard capabilities to customers.
Thus, a compliance officer or a cloud security administrator, responsible for the operation and the security & compliance can use SAP Analytics Cloud dashboard template as a single source of truth for gathering information to get analytical insights into the security status of their SAP Cloud Solutions and to identify a risk score.
As displayed in the example in Figure 1, one can see that 5 cloud systems are connected against their dashboard and overall, 30 security controls are in place. For these security controls, 16 items are reported to the dashboard as non-compliant. Out of these 53% of non-compliant items, one can notice 40% of critical items, 37% with a high criticality and 23% with medium items to solve. Worth noticing as well that over the last 24 hours no new items have been received; a security compliance officer might be interested in what happened on the last day, when the last input came in.

WihemArsac_0-1706690540856.pngFigure 1: Compliance View Example 1

The visualization example in Figure 2 shows the different compliance status by different aggregation attributes. Overall, it displays the compliance status per categories like the risk level, or the cloud application that are affected and the components, the topics and the items spread over the SAP secure operations map. The SAP Analytics Cloud dashboard template offers the possibility to click on any item and to drill-down to the related categories. For instance, one can spot the most critical non-compliant items and check which cloud application is the most affected. Another view can provide more details on the component, for instance Destination Service, which contains the most critical non-compliant items to fix. The view on the topic provides additional input, showing for instance, that the token lifecycle is impacted. Finally, the view of the compliance per SAP´s secure operations map reflects which area, in this case, Authentication & Sign-On, is concerned.
More visualization screens are also available, so as to facilitate the analysis of the security status of SAP Cloud Solutions.

WihemArsac_1-1706690635419.pngFigure 2: Compliance View Example 2

 

Labels in this area
Popular Blog Posts