New Pathlock Threat Detection and Response Solution: SAP Security Integration for Microsoft Sentinel

Data Source

Integrates Pathlock Threat Detection and Response platform for SAP security monitoring including:

SAP ABAP audit log forwarding with threat detection overlays
Security event correlation and threat intelligence from Pathlock TDnR platform
SAP-specific security findings and policy violations

Ingestion Mechanism

Push-based CCF connector using Data Collection Rules for SAP security data ingestion
Custom table: Pathlock_TDnR_CL with comprehensive SAP audit schema (55+ fields)
Integration with Microsoft Sentinel Solution for SAP via ABAPAuditLog table
Supports both dedicated Pathlock TDnR stream and SAP solution integration

Detection Surface Unlocked

Provides specialized SAP application security visibility:

Enhanced threat detection for SAP environments beyond standard ABAP audit logs
Real-time correlation of SAP transactions with security threat indicators
Policy violation monitoring for sensitive SAP operations and data access
Integration with existing Microsoft Sentinel for SAP solution deployments

Affected Files

Solutions/Pathlock_TDnR/Data Connectors/Pathlock_TDnR_PUSH_CCP/Pathlock_TDnR_connectorDefinition.json
Solutions/Pathlock_TDnR/Data Connectors/Pathlock_TDnR_PUSH_CCP/Pathlock_TDnR_DCR.json
Solutions/Pathlock_TDnR/Data Connectors/Pathlock_TDnR_PUSH_CCP/Pathlock_TDnR_PollingConfig.json
Solutions/Pathlock_TDnR/Data Connectors/Pathlock_TDnR_CL.json
(packaging artefacts: mainTemplate.json, createUiDefinition.json, 3.0.0.zip)

Data Source#

Ingestion Mechanism#

Detection Surface Unlocked#

Affected Files#

Data Source

Ingestion Mechanism

Detection Surface Unlocked

Affected Files