It´s about time for a SIEM at the SAP application level.

Many years ago I was an instructor to a group of SAP technical consultants on Security concepts around SAP and, an in that training class first thing I did was to provide each of the students with a username and password for the Windows Server Domain, as well as a SAP username and password, requesting that they had to change both passwords at first logon. They followed the instructions, logged into the Windows server domain, changed their password, then they accessed the SAP training systems and also changed their passwords. I told them to wait…