In a large global corporation such as SAP, the complete lifecycle of threat detections requires teams to:
- Perform data normalization and enrichment to understand the context of the detection;
- Create the detection;
- Deploy the detection into their SIEM tools; and
- Test, fine-tune, and replicate the process.
This process takes a long time and quickly becomes inefficient, considering SAP deals with over 20,000 common vulnerabilities a year, plus zero-days, ransomware, and other threats.
SAP chose Anvilogic because Roland and his team were looking for a way to include automation and artificial intelligence in their security incident detection process so they wouldn’t have to hire more people to keep up with the rapidly evolving threat landscape.
Anvilogic's platform offered SAP a unique and innovative approach, allowing the organization to centralize and unify visibility across diverse detection tools. This consolidation allowed for a singular, comprehensive view for analysts, engineers, and security leaders, enhancing their ability to respond effectively to emerging threats. Anvilogic not only improved the accuracy of SAP’s security operations decisions but also significantly reduced the time required for these essential tasks.
“Now our people can actually create new detections and research them with incredible speed,” says Roland. “What we used to do in one year, now we can do in one or two months.”