Splunk: The “data-to-everything” platform, including SAP

December 08, 2020
Written by Nick Hills

Nick is an experienced Splunk-Certified Architect and accomplished solutions architect with experience of designing global, scalable and high performance compliance and security incident monitoring solutions, both on-premise and in the cloud.

Cenoti_blog_Feature_banners-03-1

 

In the latest Gartner Magic Quadrant report, Splunk has been indicated as a leader in the SIEM industry for the seventh time in a row. In this blog, we look at

What is SIEM?

In layman’s terms, SIEM stands for Security Information and Event Management. SIEM focuses on real-time log and event data, and automatically categorises threats and risks by leveraging machine learning and predictive analytics to assist organisations in detecting attacks or data breaches as quickly as possible.


There are several options available when you need a SIEM solution, and Gartner has a Magic Quadrant report which explores the different options.

 

Splunk

Splunk is the industry leader for SIEM, and their focus is to turn data into an actionable commodity. Their portfolio includes three products that focus on Security (and therefore SIEM): Splunk Enterprise Security (ES), Splunk User Behaviour Analytics (UBA) and Splunk Phantom (a “SOAR” add-on).

 

  • Splunk’s Enterprise Security offers organisations the ability to get complete visibility over the security risks in their landscape. The aim is to combat security threats with rapid operationalisation, and turn the data into knowledge to enable the right team to respond with maximum impact. Splunk Enterprise Security gives an analytics-driven approach to proactively mitigate risk.

  • Splunk UBA is an additional layer that provides machine learning to detect unknown threats and anomalous behaviour.

  • Phantom provides Security Orchestration, Automation, and Response (SOAR) capabilities, and is designed to provide automated remediation and mitigation of security incidents.


EPI-USE Labs has solved this challenge by developing a connector for Splunk called Cenoti.

What is the connection between Splunk and SAP?

Full visibility into security threats depends on full visibility into all of your IT systems. SAP has traditionally been some of a black box in terms of integration with external systems, and that has given operational and security teams a challenge in understanding the real-time status of the components of an ERP system.


What is Cenoti?

 

Cenoti is a combination of a certified SAP Application and Splunk-certified Apps which allow organisations to extract data from SAP systems and deliver them into a Splunk environment for use in several ways:

 

  • Via the Cenoti dashboards, reports and alerts in the Cenoti Application (for Splunk Core)

  • For Out-of-the-Box integration into Splunk Enterprise Security (Splunk ES), delivering numerous security use cases, correlation searches and enriching exports for assets and identities, custom visualizations including swimlanes, key panel indicators and glass tables.

  • Simple setup procedure to quickly integrate SAP operational data into Splunk IT Service Intelligence (Splunk ITSI) including service templates, KPI base searches, automatic discovery and glass tables.

New call-to-action

 

 

Explore Popular Tags

GDPR Data Privacy Data Security Data Secure GDPR compliance Data Redaction data scrambling General Data Protection Regulation Data Redact POPI Act POPIA SAP Data Security SAP GDPR Data Archiving Data Sync Manager SAP data privacy and compliance Right to be forgotten Data privacy compliance Data privacy regulations GDPR readiness GDPR deadline Personal data SAP SAP security GRC for SAP SAP systems Access Risk management Access risk controls Data minimisation Data security breaches Governance, Risk Management and Compliance (GRC) SAP data privacy and security compliance COVID-19 Data Privacy suite Data privacy by design Risk monitoring SAP data copying and masking SAR Soterion Subject Access Request anonymised data Australian Privacy Act 1988 CCPA Cenoti Client Sync Data Protection Day Data masking European operations Federal Law GDPR fine Guest order ICO May 2018 Object Sync One-time customer Privacy by Design Reducing risk Right to Erasure Risk minimisation S/4HANA Migrations SAP S/4HANA SAP data SAP data privacy & security Secure scrambled production data for testing Test Data Management security breach Backlog privacy debt Black Friday Black Friday hangover Black Friday sales Breach Notification Brexit Budget Canada data privacy legislation Cenoti, connecting SAP with Splunk Cloud migrations Confidentiality Consent DSM DSM Readiness Assessment Data Portability Data Removal Data Replication Data Sync Manager (DSM) Data integrity Data processor versus controller Data retention rules Documentation EPI-USE Labs’ solutions Employee data Europe Friday 25 May 2018 GDPR-type legislation GRC GRC for SAP tools General Data Protection HCM HR ILM Information Commissioner’s Office Information transfer Infotype 41 JSOX New Zealand Privacy Act Online shopping Penalties Phantom Proportional Data Protect personal employee data Removing data in SAP Right to Access Rise with SAP Risk management S4HANA SAP Cloud SAP Data Privacy Suite SAP RISE SAP SuccessFactors SAP access risk simulations SAP data encryption SIEM SOX Sarbanes-Oxley (SOX) legislation Security Security Information and Event Management Security for SAP. Live Sensitive HCM data South African data privacy legislation Splunk Splunk UBA Splunk’s Enterprise Security Success Factors Territorial Scope UK Government User Access Review Virtual conference What does the European GDPR mean for Australia? ebook masking rules quality of test data system copy uk sox
+ See More

Get Instant Updates


Leave a Comment: