SAP Enterprise Threat Detection - Microsoft Sentinel - Integration
Solution: SAP ETD Cloud
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Publisher | SAP |
| Support Tier | Partner |
| Support Link | https://help.sap.com/docs/SAP_ENTERPRISE_THREAT_DETECTION_CLOUD_EDITION |
| Categories | domains |
| Version | 3.0.4 |
| Author | SAP |
| First Published | 2025-02-17 |
| Last Updated | 2025-09-11 |
| Solution Folder | SAP ETD Cloud |
| Marketplace | Azure Marketplace · Popularity: ⚪ Very Low (8%) |
The Microsoft Sentinel Solution for SAP ETD integrates SAP Enterprise Threat Detection entities into Microsoft Sentinel, allowing SOC teams to ingest, monitor, and hunt across SAP data. This integration enhances security by enabling faster detection, investigation, and mitigation of risks within SAP environments.
Contents
Data Connectors
This solution provides 1 data connector(s):
Tables Used
This solution uses 2 table(s):
| Table | Used By Connectors | Used By Content |
|---|---|---|
SAPETDAlerts_CL |
SAP Enterprise Threat Detection, cloud edition | Analytics |
SAPETDInvestigations_CL |
SAP Enterprise Threat Detection, cloud edition | Analytics |
Content Items
This solution includes 4 content item(s):
| Content Type | Count |
|---|---|
| Analytic Rules | 4 |
Analytic Rules
| Name | Severity | Tactics | Tables Used |
|---|---|---|---|
| SAP ETD - Execution of Sensitive Function Module | Medium | Discovery | SAPETDAlerts_CL |
| SAP ETD - Login from unexpected network | Medium | Discovery | SAPETDAlerts_CL |
| SAP ETD - Synch alerts | Medium | - | SAPETDAlerts_CL |
| SAP ETD - Synch investigations | High | - | SAPETDInvestigations_CL |
Release Notes
| Version | Date Modified (DD-MM-YYYY) | Change History |
|---|---|---|
| 3.0.4 | 16-04-2026 | Added Users entity expansion to Alerts for email correlation |
| 3.0.3 | 11-09-2025 | Investigations API Connector added |
| 3.0.2 | 24-06-2025 | Data connector polling window reduced |
| 3.0.1 | 31-03-2025 | SAP OData entity change from TriggeringEvents to new NormalizedTriggeringEvents |
| 3.0.0 | 17-02-2025 | Initial Solution Release |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊