SAP ETD: New Telemetry Tampering Detection Rules Target Defense Evasion
Two SAP Enterprise Threat Detection rules added to detect feed silence and per-SID data gaps, addressing T1562 defense evasion techniques. Read More →
Two SAP Enterprise Threat Detection rules added to detect feed silence and per-SID data gaps, addressing T1562 defense evasion techniques. Read More →
SAP BTP analytic rule reworked to use audit.configuration events, providing richer artifact context and improved actor attribution for Cloud Integration deployments. Read More →
Tools fixes enable proper SAP solution marketplace tracking and make the SAPCC agentless connector visible to the Microsoft Sentinel Solutions Analyzer. Read More →
Pathlock Threat Detection & Response adds 77 comprehensive SAP security analytic rules covering ABAP changes, user activities, system modifications, and financial data access. Read More →
SAP ETD alerts now surface user account names and email addresses for incident correlation, filling a critical entity mapping gap that prevented effective identity-based investigations. Read More →
SAP agentless solution updated to version 1.1.10 with security and usability improvements, plus official release status designation. Read More →
New SAP playbook enables automated user blocking via Teams adaptive cards with enhanced support for complex multi-alert incidents from Microsoft Defender XDR. Read More →
SAP Reader role permissions significantly reduced for agentless connector, implementing least-privilege access while maintaining monitoring capabilities. Read More →
Two SAP solutions transitioned from preview to production-ready status, unlocking stable SAP audit and infrastructure log ingestion. Read More →
SAP deployment scripts now verify Docker image digest integrity to prevent container supply chain attacks during installation. Read More →
New PowerShell tooling enables agentless SAP data collection via Integration Suite with dual-mode credentials and CSV-based destination management. Read More →
New threat detection coverage for SAP BTP Cloud Integration tampering, identity service compromise, and audit service availability. Read More →
SAP agentless package updated to use Log Analytics v2 API for heartbeats and added audit log user exclusion capabilities. Read More →
PowerShell automation tools added for scalable SAP BTP subaccount onboarding to Microsoft Sentinel, enabling SOC teams to efficiently connect dozens of BTP subaccounts at once. Read More →
CCF connector pagination bug fixed - deployments were missing audit events due to failed token parsing. Read More →
Push-based connector integrating Pathlock TDnR SAP security monitoring with Microsoft Sentinel for enhanced SAP application security visibility. Read More →
New VMware ESXi detection for multiple failed SSH login attempts, plus comprehensive solution updates across 15+ vendor solutions. Read More →
New SAP S/4HANA Cloud Public Edition CCF connector enables ingestion of security audit logs into Microsoft Sentinel SAP solution. Read More →
Google Kubernetes Engine connector promoted to GA while SAP ETD Cloud gains investigation data ingestion and enhanced detection coverage. Read More →
SAP Enterprise Threat Detection solution expands with new Investigations connector, providing comprehensive investigation tracking and correlation capabilities. Read More →