Consulting & Innovation
Solutions & Technologies
Infrastructure & Operations
Industries
More
Blog
clint-patterson-dYEuFB8KQJk-unsplash

Recognize Attack Patterns within SAP Applications

Security based on transaction data

Managed SAP Connector for Azure Sentinel
18.11.2021
Managed Services
Microsoft Azure
Security
Technical

Security is critical - not only for operating with integrity but also for securing business operations and competitive advantage. An entire industry of cybercriminals has specialized in using dishonest means to squeeze some of the economic success out of hard-working organizations.


Arvato Systems is now introducing a new solution to detect suspicious actions in an SAP application based on Advanced Detection Capabilities.


Even if humans remain one of the most significant vulnerabilities in threat prevention, IT must also do its homework. Fortunately, it's not just on the dark side that some intelligent minds are working - by far, the more significant part is concerned with recognizing attack patterns and defending against attacks. It is essential to continually develop new, innovative solutions for the three imperative success criteria of prevention, detection, and reaction to eliminate risks specifically. The CISO already has a wide range of tools at its disposal for this purpose. However, many of them are limited to data management at the input and/or output levels.

If You Want Security, You Have to Switch from Defense to Offense

We are getting better at detecting unauthorized access to data or the attempted injection of corrupt data into a system. Stopping the leakage of important corporate data from a system is also an eternal cat-and-mouse game. Sometimes it's the smart defenders who have the upper hand, and sometimes it's the others.


Arvato Systems is now adding another component to this setup, making it even more difficult for attackers to put their criminal intentions into action. We have thought about how fraud attempts can be detected directly in an SAP application. By combining the latest Microsoft security technology, the SAP Connector and many years of application expertise, data can now be used for analysis in SIEM Microsoft Sentinel.

Intruders in SAP Often Remain Undetected for Too Long

Increasingly, hackers aren't bulldozing their way in and grabbing what's on display. Often, you'll sneak in through back doors to get in. Eventually, someone in the organization may weaken and click on a link. This gives attackers the opportunity to spy on the organization at their leisure and secretly view data. In this way, they may prepare for a later attack.


This is exactly where Arvato Systems' new Managed SAP Connector for Azure Sentinel comes in. By analyzing and correlating real-time data, we link the traces that attackers leave behind within the SAP application. In this way, attacks are uncovered and fraud attempts are detected in time.

It Is Important to Recognize Patterns before It Is Too Late

Our managed service proactively examines data usage deep within the application, drawing on data sources such as the audit log, syslog, and most importantly, the application log. The combination of these three logs makes the difference: event data is collected, aggregated and made available to innovative AI and ML algorithms for a new level of fraud protection. Although the implementation of this concept requires the use of cloud solutions, the application under investigation does not need to be in a cloud environment. The SAP Connector uses the latest Docker-based container technology for easy setup. The necessary code units are simply integrated into the SAP application code. This connects the solution to the Docker container and analysis can begin. Companies are thus enabled to detect attack patterns even faster and are given more time for substantial response and/or protective measures.

Innovation - The Product of Substance and Competence

Arvato Systems is one of the first partners to combine the power of Microsoft Azure Sentinel and the SAP Connector with deep knowledge of the SAP application landscape. And one of only a handful of partners invited by Microsoft to develop a solution for this specific use case. Our Managed SAP Connector for Azure Sentinel is offered as a managed service - for continuous monitoring of SAP instances.


Contact us to learn more about the innovative Managed SAP Connector for Azure Sentinel. We look forward to helping you reduce the attack surface for cyber criminals.

This Might Also Be Interesting

Managed Microsoft Security

Managing Microsoft 365 Defender and Azure Defender professionally.

Cyber Security for SAP S/4HANA

SAP environments are popular targets for cyber attacks. Learn how to sustainably protect S4/HANA with Azure Services from selected security experts.

Written by

Timo Schlüter - Hoch
Timo Schlüter
Expert for Cyber Security