UPDATE: SAP Enterprise Threat Detection 1.0 Now Generally Available!!!
On March 16, 2015, SAP Enterprise Threat Detection 1.0 powered by SAP HANA successfully completed the ramp-up phase and is now generally available. At the same time the first service pack SP1 was released, which already includes the feedback of our customers and partners.
Over the last few years there have been indications of rising interest in SAP systems by white hatters and black hatters, and I guess any color in between. In any case the world has got more dangerous for systems in general, not least because they are increasingly interconnected and exposed in ways that were unthinkable (for most) in the past. Although traditional security solutions remain vital for minimizing the attacks on your system landscape, you can and should assume that there will be unhealthy activity within your defensive perimeters. Determined attackers are likely to get through eventually and the best technical precautions might be nullified by internal personnel or by social engineering tricks.
These are well known dangers, and there appears to be a serious gap in the coverage of SAP systems by existing security products. These lack insight into SAP business software and also run up against what is essentially a big-data problem - that is, how to analyze the security-relevant data that exists in the landscape. Later this year, SAP plans to go into ramp-up with a new product designed to address exactly this issue.