公开(公告)号：US10826926B2

公开(公告)日：2020-11-03

申请号：US16037509

申请日：2018-07-17

Applicant: SAP SE

Inventor： Eugen Pritzkau ,  Wei-Guo Peng ,  Omar-Alexander Al-Hujaj ,  Lin Luo ,  Volker Guzman ,  Kevin Schwab

IPC: H04L29/06

Abstract: A first Event is identified from a normalized log persistency layer, where the first Event is associated with an attack on a computing system. A plurality of Events are fetched from the normalized log persistency layer, where each fetched Event correlates with its neighboring fetched Event by at least one correlation attribute, and each of the fetched Event and the first Event are presented on a graphical user interface as a chain of events. A workspace is generated, where the workspace comprises a series of attack paths, where each attack path corresponds to one Event in the chain of events. An ETD pattern is created based on the attack paths in the workspace.

公开(公告)号：US20200044924A1

公开(公告)日：2020-02-06

申请号：US16053376

申请日：2018-08-02

Applicant: SAP SE

Inventor： Eugen Pritzkau ,  Hartwig Seifert ,  Kevin Schwab ,  Omar-Alexander Al-Hujaj ,  Volker Guzman ,  Wei-Guo Peng ,  Lin Luo ,  Harish Mehta

IPC: H04L12/24 ,  H04L29/06 ,  H04L29/08 ,  G06F21/64 ,  G06F9/445

Abstract: A computer-implemented method receives a program code and a signature associated with the program code from a database persistency associated with an enterprise threat detection (ETD) system. The received program code is associated with a configuration check, and the configuration check is developed at a development computing system and can collect information associated with a computing system. The received program code and the signature associated with the program code is distributed to a plurality of computing systems that are monitored by the ETD system. At least one configuration check result is received, and the configuration check result is generated by executing the program code on the computing system. The at least one configuration check result then transmitted to the database persistence, and the at least one result is displayed on a database graphical user interface (GUI) associated with the database persistency.

公开(公告)号：US20200028861A1

公开(公告)日：2020-01-23

申请号：US16037509

申请日：2018-07-17

Applicant: SAP SE

Inventor： Eugen Pritzkau ,  Wei-Guo Peng ,  Omar-Alexander Al-Hujaj ,  Lin Luo ,  Volker Guzman ,  Kevin Schwab

IPC: H04L29/06

Abstract: A first Event is identified from a normalized log persistency layer, where the first Event is associated with an attack on a computing system. A plurality of Events are fetched from the normalized log persistency layer, where each fetched Event correlates with its neighboring fetched Event by at least one correlation attribute, and each of the fetched Event and the first Event are presented on a graphical user interface as a chain of events. A workspace is generated, where the workspace comprises a series of attack paths, where each attack path corresponds to one Event in the chain of events. An ETD pattern is created based on the attack paths in the workspace.

公开(公告)号：US20180176234A1

公开(公告)日：2018-06-21

申请号：US15381567

申请日：2016-12-16

Applicant: SAP SE

Inventor： Thomas Kunz ,  Omar-Alexander Al-Hujaj ,  Jens Baumgart ,  Harish Mehta ,  Florian Chrosziel ,  Marco Rodeck ,  Thorsten Menke

IPC: H04L29/06 ,  G06F17/30

CPC classification number: H04L63/1416 ,  G06F16/27 ,  H04L63/1425

Abstract: A content replication connector receives control data associated with replication of content data from a source system. Based on the control data, the content replication connector fetches the content data from the source system, converts the content data from a first data format to a second data format, and sends the content data to a content replication server. The content replication server replicates the content data, and a target system fetches the content data from the content replication server.

公开(公告)号：US20180173872A1

公开(公告)日：2018-06-21

申请号：US15380379

申请日：2016-12-15

Applicant: SAP SE

Inventor： Thanh-Phong Lam ,  Jens Baumgart ,  Florian Kraemer ,  Volker Guzman ,  Anne Jacobi ,  Kathrin Nos ,  Jona Hassforther ,  Omar-Alexander Al-Hujaj ,  Stefan Rossmanith ,  Thorsten Menke

IPC: G06F21/55 ,  G06F9/48 ,  G06F9/46

CPC classification number: G06F21/552 ,  G06F17/40

Abstract: A log processing job executing on a log producing computing system is initiated for processing log data associated with the log producing computing system. Log entries are determined to be available for processing. At least one instance of a Log Extractor Factory, Reader, and Transformation component are instantiated for reading and transforming the log data. Read log data is transformed into a common semantic format as transformed log data and transmitted in real-time to a Streaming Component for storage in an Enterprise Threat Detection (ETD) System. A recovery point is stored with a recovery timestamp indicating a next log entry in the log data to process.

公开(公告)号：US09760841B2

公开(公告)日：2017-09-12

申请号：US13722434

申请日：2012-12-20

Applicant: SAP SE

Inventor： Michael Acker ,  Alexander Wachter ,  Daniel Walz ,  Marc Noe ,  Hong-Nghiep Phan ,  Omar-Alexander Al-Hujaj ,  Sasan Memar-Zahedani ,  Michael Kraemer ,  Thomas Weiss ,  Masoud Aghadavoodi Jolfaei

IPC: G06Q10/00 ,  G06F9/50 ,  G06F9/54

CPC classification number: G06Q10/00 ,  G06F9/5055 ,  G06F9/54

Abstract: A method, a system, and a computer-program product for providing a unified connectivity to a plurality of business processes are disclosed. A plurality of business processes for connection to a server are provided. A uniform configuration connection assembly for connecting the plurality of business processes to the server is generated. The uniform configuration connection assembly is configured based on at least one profile corresponding to at least one business process in the plurality of business processes and contains at least one connectivity artifact for performing at least one connectivity task for at least one business process in the plurality of business processes. At least a portion of the plurality of business processes to the server is connected based on the generated uniform configuration connection assembly.