SAP ETD: New Telemetry Tampering Detection Rules Target Defense Evasion

Two SAP Enterprise Threat Detection rules added to detect feed silence and per-SID data gaps, addressing T1562 defense evasion techniques. Read More →

SAP BTP: Enhanced Cloud Integration Deployment Detection with Audit Configuration Events

SAP BTP analytic rule reworked to use audit.configuration events, providing richer artifact context and improved actor attribution for Cloud Integration deployments. Read More →

SAP Solution: Analyzer Marketplace Visibility and Agentless Connector Discovery Fixed

Tools fixes enable proper SAP solution marketplace tracking and make the SAPCC agentless connector visible to the Microsoft Sentinel Solutions Analyzer. Read More →

Pathlock TD&R: Major Detection Coverage Expansion with 77 New SAP-Focused Analytic Rules

Pathlock Threat Detection & Response adds 77 comprehensive SAP security analytic rules covering ABAP changes, user activities, system modifications, and financial data access. Read More →

SAP ETD Cloud: User Account Correlation Now Available After Data Collection Gap

SAP ETD alerts now surface user account names and email addresses for incident correlation, filling a critical entity mapping gap that prevented effective identity-based investigations. Read More →

SAP: Agentless Integration Package v1.1.10 with Security Enhancements

SAP agentless solution updated to version 1.1.10 with security and usability improvements, plus official release status designation. Read More →

SAP: New Agentless User Blocking Playbook for Defender XDR Integration

New SAP playbook enables automated user blocking via Teams adaptive cards with enhanced support for complex multi-alert incidents from Microsoft Defender XDR. Read More →

SAP Agentless Connector: Reduced Permission Model for Enhanced Security

SAP Reader role permissions significantly reduced for agentless connector, implementing least-privilege access while maintaining monitoring capabilities. Read More →

SAP Solutions: Production-Ready Status After Preview Removal

Two SAP solutions transitioned from preview to production-ready status, unlocking stable SAP audit and infrastructure log ingestion. Read More →

SAP Data Connector: Docker Image Integrity Verification Added to Deployment Scripts

SAP deployment scripts now verify Docker image digest integrity to prevent container supply chain attacks during installation. Read More →

SAP Solution: Agentless Integration Suite Tooling Added for Enhanced ERP Connectivity

New PowerShell tooling enables agentless SAP data collection via Integration Suite with dual-mode credentials and CSV-based destination management. Read More →

SAP BTP: 10 New Enterprise Security Detections for Cloud Integration and Identity Service

New threat detection coverage for SAP BTP Cloud Integration tampering, identity service compromise, and audit service availability. Read More →

SAP Solution: Agentless Package Upgraded to Log Analytics v2 API

SAP agentless package updated to use Log Analytics v2 API for heartbeats and added audit log user exclusion capabilities. Read More →

SAP BTP Connector: Mass Onboarding Tools for Multi-Subaccount Deployment

PowerShell automation tools added for scalable SAP BTP subaccount onboarding to Microsoft Sentinel, enabling SOC teams to efficiently connect dozens of BTP subaccounts at once. Read More →

SAP BTP Connector: Critical Pagination Fix Restores Missing Security Events

CCF connector pagination bug fixed - deployments were missing audit events due to failed token parsing. Read More →

New Pathlock Threat Detection and Response Solution: SAP Security Integration for Microsoft Sentinel

Push-based connector integrating Pathlock TDnR SAP security monitoring with Microsoft Sentinel for enhanced SAP application security visibility. Read More →

VMware ESXi SSH Brute Force Detection Plus Multi-Solution Updates

New VMware ESXi detection for multiple failed SSH login attempts, plus comprehensive solution updates across 15+ vendor solutions. Read More →

SAP S/4HANA Cloud Public Edition: New CCF Connector for Security Audit Logs

New SAP S/4HANA Cloud Public Edition CCF connector enables ingestion of security audit logs into Microsoft Sentinel SAP solution. Read More →

Multiple Solution Updates: GKE GA Promotion and SAP ETD Investigation Capability

Google Kubernetes Engine connector promoted to GA while SAP ETD Cloud gains investigation data ingestion and enhanced detection coverage. Read More →

SAP ETD Cloud: Investigations Data Source Added for Enhanced Threat Tracking

SAP Enterprise Threat Detection solution expands with new Investigations connector, providing comprehensive investigation tracking and correlation capabilities. Read More →