SAP automates detection engineering & hunting with Anvilogic
Cybersecurity company Anvilogic has a mission to democratise and unify detection engineering and hunting, empowering Security Operations Centre (SOC) teams to protect organisations from cybersecurity threats with greater efficiency and effectiveness.
“We automate cybersecurity operations, particularly detection engineering, hunting, and investigations,” explains Karthik Kannan, Anvilogic’s Founder and CEO. “By automating the process of observing key capabilities of the enterprise, mapping them on frameworks like MITRE ATT&CK, we can then automatically provide insights and recommendations for what detections need to be put into place and automate that process,” Kannan continues. “From there, we progress into completely AI-led analysis of signals to find revealing patterns for which there may not have been detections at all in the first place.”
As Roland Costea, the Global Chief Security Officer for Enterprise Cloud Services at SAP, explains, Anvilogic enables SAP to move quickly from threat research to building, deploying and then improving the detection process.
SAP plans to address five main challenges with Anvilogic. Costea explains that enabling more speed in SAP’s operations is a key challenge.
“The first challenge is that we need the ability to easily manage data normalisation and enrichment to ensure the security triage team has the proper context to make their decisions in the security operations,” he says. “Secondly, we want to consistently measure our ability to detect priority threats from the risk management programme in real-time. Third, we want to have or to streamline how detections are managed, deployed, and version-controlled, while also improving the time to deploy them in our security information event management system. Fourth, we need to improve our triage and analysis capabilities by understanding the relationships behind the correlation.” Costea adds, “And finally, we currently use several tools in our detection lifecycle and we are looking for a way to centralise and unify that visibility so that our analysts, our engineers, and our leaders in the defensive architecture area have a single view that will give them all the insights that they need.”
As Costea explains, by including automation and AI in the security process, Anvilogic is helping SAP be more efficient and optimised, ultimately enabling it to respond faster to threats.
“Anvilogic is an innovator in this space and we are extremely happy with the partnership that will allow us to not only solve and improve ourselves when it comes to these five challenges, but also to have a unique approach to protect the private cloud and, ultimately, the data of the most important companies in the world,” Costea comments.
“I really like to work with innovative startup companies,” he concludes. “This brings the excitement that together, we can share insights to help develop the roadmap and how to continue to grow the Anvilogic platform. All of this can not only help SAP, but also help the whole world to address threat detection, investigation, hunting, and triage in a better optimised and, in the end, quicker way.”