New Support Package Release SAP Enterprise Threat Detection 2.0, SP07

We are delighted to announce the release of SAP Enterprise Threat Detection 2.0, Support Package 07 (SP Stack 51), which is available to our customers since December 16, 2024. We are confident that this new support package will greatly enhance our customers’ security capabilities, providing peace of mind and robust defense against cyber threats.

SAP Enterprise Threat Detection remains the pioneering real-time security event management and monitoring solution specifically designed for SAP S/4HANA applications. It can be utilized in the SAP private cloud and other cloud based environments. This advanced solution empowers companies using SAP software to swiftly identify and mitigate cyber-attacks in real time, preventing potential damage.

About the Product

Our mission is to protect SAP S/4HANA applications and stop critical cyber-attacks, which are becoming more prevalent and targeting core business systems.

SAP Enterprise Threat Detection gives transparency into suspicious user behavior and anomalies in SAP business applications to identify and stop security breaches in real-time. Thereby, helping companies go beyond preventive measures and focus on real-time detection and response.

For those opting for the private cloud solution, it can be delivered as a fully managed service by SAP or through our trusted partners. This state-of-the-art security monitoring service ensures customers don't need to invest in extensive internal security expertise or dedicated resources, allowing companies to focus on their core business operations while benefiting from top-tier security solutions.

Key Features and Business Value

The main features delivered with Support Package SP07 are:

• Enhanced Alerts Filtering: Security administrators can now find alerts more easily, filtering out non-critical alerts and focusing on the most relevant security threats. This improves efficiency, leads to faster response times, and allows security teams to concentrate on actionable items by reducing the noise from false positives.

• Tightened Security Controls: Different users can have access to alerts based on their roles and responsibilities, ensuring sensitive security information is accessible only to authorized personnel and compliance with internal and external regulations.

• Transition to new ABAP Log Extractor Framework completed (available since S/4HANA 2407, also read this article): The new framework allows customers to leverage the latest enhancements in log extraction, ensuring efficient and comprehensive monitoring.

• Support for New Logs Sources: Integration with additional log sources – SAP Analytics Cloud and Database table change logs – allows for a more holistic view of the security landscape and broader coverage on monitored activities.

• New Patterns Added: The system is now capable of detecting additional security threats – mainly: alerts for unauthorized administrative actions and alerts for audit log tampering – which leads to enhanced overall security.

• Additional Health Check Monitoring: The system can now monitor and alert administrators if there are any missing logs, which are crucial for forensic analysis and auditing. This ensures the integrity and completeness of security logs for more accurate threat detection and compliance purposes.

• Automated Load-Based Refinement with new configuration advisor report, to provide configuration recommendations and the ability to apply some of them automatically for log transfer from SAP NetWeaver AS for ABAP using ABAP Log Extraction (Legacy). This streamlines the configuration process, reducing administrative overhead and ensuring optimal performance of log extraction tasks.

These enhanced features and capabilities provided with Support Package SP07, not only improve the detection and response mechanisms of SAP Enterprise Threat Detection, but also enhance the overall security and operational efficiency for our customers and service partners.

Please also see a SAP ETD Solution Video here.

Documentation:

• SAP Enterprise Threat Detection on sap.com (External)

• SAP Enterprise Threat Detection Community (External)

• What’s New? (External)