Supervision & Monitoring

A study conducted by IBM in 2019 reveals that a hacker who succeeds in penetrating a company’s IS can stay there for an average of 206 days without being detected. The attacker will thus have time to achieve any desired objective, whether it is to steal, modify data or make it inaccessible or unusable.

Intrusion detection is complex, especially in ERP environments such as SAP for the following reasons:

  • The numerous applications used in ERPs mean that a wide variety of technologies are used, thus extending the attack surface.

  • Each type of application generates a different type of log that will be recorded in a dedicated database.

  • The sources of threats are diverse, it is difficult to know whether a transaction should be classified as suspicious; which event should generate a security alert and whether it was made by a legitimate user.

  • Conventional monitoring systems (typically SIEMs – Security Information and Event Management) are generally not capable of natively analyzing the detailed logs generated by ERP applications.

Studies show that the earlier a company detects an intrusion into its systems, the less financial loss. The value of early intrusion detection in an ERP system is therefore undeniable.

ArtimIS can help you implement the SAP Enterprise Threat Detection solution to protect your data:

  • ETD as an alert system for basic detection against suspicious activities,

  • Integration of ETD with an existing SIEM such as IBM QRadar which allows to extend the monitoring perimeter by covering business applications