SIEM Connector for Your SAP systems
Attacks on SAP ERP systems are increasing significantly but are often discovered too late or not at all. SIEM systems offer you the right solution, as these monitor software logs in real time and trigger an alarm in case of security-critical events.
SIEM Connector – Connect Your SAP system with a SIEM solution now!
The use of SIEM solutions in companies constantly increases the level of security in many business divisions. However, the activities carried out in the SAP system must be kept in mind because these have a significant influence on the security level.
Our SIEM connector enables customers to close gaps in the compliance with security requirements and eliminate the blind spot of real-time monitoring. The appropriate framework for monitoring plays an important role, especially with regard to constantly growing security requirements, legal extensions and use cases from different company areas. Based on our many years of SAP expertise, we offer predefined logs and analyzes, which can be expanded in individual workshops and tailored to the company’s own specifications.
Connect your SAP system with your own SIEM solution now and increase the security and transparency in your company!
- Automatic creation of system-related security concepts at the push of a button
- Checking the SAP system against security requirements (monitoring and validation)
- Integration and development of a holistic security monitoring
- Configurable SIEM cockpit
- Flexible SAP log extractions
- Integration of checks from the Security Architect (concept comparison)
- Authorizations – Assignment of critical profiles
- System configuration – changes to security-related system settings
- Data Leak – Viewing or extracting data from confidential databases
- Critical Resources – Calling forbidden transactions, programs, and function modules
- Debugging – Debugging in productive systems incl. changing variables
- Log settings – Changing or disabling SAP logs to conceal critical processes
- SAP Standard Users – Unauthorized access to SAP through SAP standard users
- 100 % transparency of the SAP systems used in real time and in compliance with security requirements
- 100 % flexibility in information processing in the SIEM
- 100 % coverage of customer-specific requirements and specifications
- 85 % less time to implement and connect the SAP system for real-time monitoring with the desired SIEM product
Holistic Security Monitoring with Xiting's SIEM Connector!
The SIEM Connector offers you the option of reading various SAP logs and forwarding them to your SIEM system in a standardized format. In addition, it offers the possibility of performing checks through the Security Architect and thus generating security-critical events, which would not be available in the logs.
There are several options available for transferring the logs to your SIEM solution, e.g., the syslog protocol or the transfer via file. If the logs are sent directly to the SIEM solution, they can be encrypted to prevent the information from being accessed while being transferred. The desired line format can also be freely selected, e.g., JSON or CEF format.
In order to make the connection of a complex and distributed SAP landscape as simple as possible, the SIEM connector can be operated in a central mode. A SAP ABAP central system is defined, which connects all other SAP systems in the landscape via RFC, controls the log and event collection and communicates with the SIEM system. This can be used as a central entry and connection point between the SIEM and SAP world, instead of having to set up a separate log collector for each individual SAP system.
In conjunction with a SIEM solution, the SIEM Connector manages to make even large SAP landscapes evaluable and transparent in real time. It is therefore a crucial component for the integration and the development of a holistic security monitoring system.