Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
Identifies deployment and undeployment of JDBC data source configurations in SAP Cloud Integration. JDBC data sources contain database connection credentials and configuration that enable integration flows to access backend databases. Unauthorized JDBC data source manipulation could indicate: - Attacker adding rogue database connections for data exfiltration - Credential theft by accessing stored database passwords - Modification of connection strings to redirect traffic to attacker-controlled
| Attribute | Value |
|---|---|
| Type | Analytic Rule |
| Solution | SAP BTP |
| ID | b2c3d4e5-6f7a-8b9c-0d1e-2f3a4b5c6d7e |
| Severity | High |
| Status | Available |
| Kind | Scheduled |
| Tactics | CredentialAccess, LateralMovement |
| Techniques | T1552, T1021 |
| Required Connectors | SAPBTPAuditEvents |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Selection Criteria | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|---|
SAPBTPAuditLog_CL |
✓ | ✓ | ✓ |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊