HANA’s real-time analytical power provides an excellent foundation to rapidly deal with security-related issues. At this year’s Sapphire, Hasso Plattner described the importance of HANA in fighting hackers.
….the increased number of potential attack vectors open to hackers means that companies can no longer rely on perimeter defences. The chairman said enterprise-level customers need to upgrade to intelligence models powered by advanced analytics tools, like HANA.
Plattner said: "What's on show here is a new security-monitoring application that collects all significant hardware, network and software vendors' security messages. It takes them from people like Microsoft, HP, IBM, CISCO and Oracle. It takes all of them into a large HANA database and does multi-system security breach analysis.
What I always found intriguing about this quote was that Hasso didn’t mention SAP systems as being involved in such HANA-based cyber-threat scenarios.
Two new job offers reveal that SAP is indeed examining the potential of HANA to deal with such issues.
Position: Working Student: Smart analysis of SAP log data in a central HANA Database
Our department has the task to examine and prepare the development of a new product in the area of mass data analysis that deals with attacks to SAP systems. The relevant data sources to analyze are e.g. the very different logs of SAP systems, which are in general very large and grow fast within short time ranges. With SAP’s in Memory HANA Database it becomes now possible to examine and analyze such mass data in a very fast way. This new opportunity allows us to analyze the data according to SAP system hacks that occurred in the past, or that are even currently occurring. One of the challenges is to transfer the relevant data into a good SAP HANA Database readable format that allows for a highly performing access via HANA-DB optimized select statements.
Some corresponding questions are:
- How does the format of the most relevant data of the different sources look like? How can relevant information be found out of this data?
- Which features does the SAP HANA Database provide to read structured and unstructured (text) data in a fast way?
- How shall a SAP HANA Database table format (or formats) look like, into which the data out of the different sources need to be transferred?
- What are alternatives to optimize the SAP HANA Database table format(s) in order to find the relevant data in a highly efficient way?
- How could meta data models look like to allow some kind of modeling of the highly efficient select statements?
Position: Thesis Student: Analysis and Definition of Attack Patterns for SAP systems
[first part of job description is the same as the first offer]
…… One of the challenges is to determine/define valid general Attack Patterns to SAP Systems or to system landscapes with SAP systems and to transfer these patterns into technical analysis statements that are applied to the relevant mass data in a SAP HANA Database.
Some corresponding questions are:
- Which are valid attack patterns?
- Which data out of which sources is needed in order to find a potential attacks according to an attack pattern?
- How does the filtering and order of filtering of the data look like to most exactly find a potential attack?
- How can so called ‘false positives’ (i.e. findings of potential attacks that aren’t any) be ignored in a most reliable manner?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
37 | |
10 | |
6 | |
4 | |
3 | |
3 | |
3 | |
3 | |
2 | |
2 |