Newsflash: +++ Hackers Stole Over 6.42 Million SHEIN Customers' Data +++ SAP Customer British Airways hacked: Hackers steal financial data in BA website attack +++ The same hacker group who breached Ticketmasters were behind the British Airways attack, using DIGITAL SKIMMING +++

SAP Cyber Defences up and running

Defending digital assets is a constant battle

If you are in charge of catching intruders, hackers, cyber criminals and defending against vast armies of malware you are well aware of the problem with SAP®: despite the SAL (Security Audit Log) it remains kind of a black box.

You don’t see clearly what’s going on inside it. You cannot capture events and correlate them in SIEM systems, like you could for most other IT assets. What you might have instead is a collection of single-aspect tools that give you fractions of the info you would really need, and require very manual and individual attention for updating and operation. Yet you are in charge of keeping it all safe.

What’s more, SAP® audit preparation and audit reporting is eating up way too much time.

You have a new weapon now: it’s called agileSI™

agileSI™ gives you what you most need for defending SAP®, both from outside attacks and inside corruption: transparency and in REAL TIME. It offers you a selection of data-extractors that fully integrate with current SIEM solutions. No more fractional solutions to watch over permissions or configuration parameters. Feel free to contact us at

  • One solution to cover the majority of security relevant events in SAP®: changes in Permissions, user interaction, changes to table data or configuration, SAL, functional modules, etc.
  • Covers all flavours of SAP®: ABAP, HANA & JAVA
  • Full power of correlation with events outside of SAP® like host login events, malware detection, identity management systems in your SIEM
  • Lots of common practice use-cases ready to use instantly
  • Full power of your response processes applied to SAP®, e.g. automatic login blocking from malware infected clients, log level rising of privileged user accounts etc.
  • Easy and fast generation of compliance and audit reports
  • Preset dashboards for Security analysts, focussing on the information they need
  • Easy and fast to setup
  • No time for yet another tool, even if it integrates nicely with your current systems? Don’t worry: we offer you agileSI™ as managed service, taking the entire SAP® monitoring off your shoulders.

Ad-hoc reporting

Web-based access to SAP® security-relevant information needed? HPE ArcSight Command Center provides access to log management functionality of HPE ArcSight ESM for ad-hoc reporting or forensic analysis.


Access Control

Access Control violations (or so-called SoD or Segregation of duties conflicts) are identified with a dedicated agileSI™ Extractor for Access Control. The drilldown information provides the Overall system landscape incidents, as well as the SAP® SID information as drilldown, and the Top 10 incidents, visualizing the most common configuration problem, plus technical details on the SoD conflicts.


agileSI™ - 360° SAP® Security powered by Splunk


agileSI™ provides a broad set of SAP® extractors, feeding different kind of SAP® data, such as database data, system settings, logs and events from various SAP® security sources into Splunk

Read more about agileSI™-splunk-integration