How to monitor Segregation of Duties Conflicts in SAP Systems using SAGESSE TECH SAP Security Solutions and IBM QRadar ?

How to monitor Segregation of Duties Conflicts in SAP Systems using SAGESSE TECH SAP Security Solutions and IBM QRadar ?

Segregation of Duties, or SoD for short, means that certain tasks in a business process should not be carried out by one and the same person. Similar to the four-eyes principle, the separation of duties serves to prevent errors and manipulation, as well as to clearly separate functions and areas of responsibility.

Particularly as part of an audit, an SoD check is always carried out to prevent, for example, payment methods from being manipulated, thus causing major financial damage to both the customer and the supplier. If gaps in the implementation of the separation of duties are then uncovered during an audit, these are points that lead to a new audit and may also have further consequences for the company. In addition to the numerous third-party providers who offer licensed software for SoD audits in the SAP environment, SAP itself offers the option of carrying out SoD Audits in the system.

SAGESSE TECH SAP Threat Detection Solution is providing our customers with a continuous monitoring dashboard for Segregation of Duties( SUIM in SAP Context ) Conflicts in your SAP Systems. With our predefined set of SoD Checks, we can check any SoD Conflict at Application Level and Business Process Level. This solution is customizable and it can be configured for your own business processes and Z/Y namespace developments very easily.

The SoD Conflicts and corresponding alerts are displayed in SIEM Systems like IBM QRadar and SPLUNK( Important note : WAZUH Content is coming soon ).


Figure 1 : SOD Conflicts Dashboard I for SAP Systems in IBM QRadar


Figure 2 : SOD Conflicts Details Dashboard for SAP Systems in IBM QRadar

You can use our solutions to monitor SOD Conflicts in your SAP Systems 7/24 and prevent fraud and stay compliant. Our SAP Threat Detection and SAP Audit solutions are also provided as Managed Service and our dedicated teams can monitor your systems continuously.

SAGESSE TECH, global SAP Security / Oracle Security / ERP Security Tech Company, is providing Automated Audit Tool for SAP, SAP Threat Detection and Monitoring Products, SAP PenTest Framework and an SAP Audit Service which control these kinds of configurations, vulnerabilities and much more in your SAP Systems. Their products and services can help you to integrate your SAP System into your central threat detection solutions and foster your NIS2 Compliance.

SAGESSE TECH is now providing companies who do not use a SIEM Solution or would like to have a separate SIEM for SAP Threat Detection with a Wazuh SIEM App.

You can contact SAGESSE TECH(E-mail : info@sagesseconsultancy.com, sales@sagesseconsultancy.com or kaankars@sagesseconsultancy.com ), if you would like to have more information about our products or to have a Vulnerability Scanning, SAP Audit or SAP PenTest on your SAP Systems or implement a SAP Threat Detection and Monitoring Solution integrated with leading SIEM Vendors like SPLUNK, IBM QRadar and Wazuh.



To view or add a comment, sign in

More articles by Sükrü Ilker BIRAKOĞLU

Insights from the community

Others also viewed

Explore topics