Case Study


Learn how SAP improves efficiency and optimization against cyber threats with Anvilogic in this case study.

Download Case Study PDF
Roland Costea


In a large global corporation such as SAP, the complete lifecycle of threat detections requires teams to:

  • Perform data normalization and enrichment to understand the context of the detection;
  • Create the detection;
  • Deploy the detection into their SIEM tools; and
  • Test, fine-tune, and replicate the process.

This process takes a long time and quickly becomes inefficient, considering SAP deals with over 20,000 common vulnerabilities a year, plus zero-days, ransomware, and other threats. 

Enter Anvilogic

SAP chose Anvilogic because Roland and his team were looking for a way to include automation and artificial intelligence in their security incident detection process so they wouldn’t have to hire more people to keep up with the rapidly evolving threat landscape.

Anvilogic's platform offered SAP a unique and innovative approach, allowing the organization to centralize and unify visibility across diverse detection tools. This consolidation allowed for a singular, comprehensive view for analysts, engineers, and security leaders, enhancing their ability to respond effectively to emerging threats. Anvilogic not only improved the accuracy of SAP’s security operations decisions but also significantly reduced the time required for these essential tasks.

“Now our people can actually create new detections and research them with incredible speed,” says Roland, “What we used to do in one year, now we can do in one or two months.”






SAP is the biggest private cloud in the world, controlling data for 95 of the Forbes 100. The data spans various industries around the world and is subject to a multitude of compliance regulations. Global Chief Security Officer Roland Costea is responsible for running the global cybersecurity strategy program for the SAP Private Cloud, the biggest private cloud in the world and the main component of the Rise with SAP Business Transformation as a Service program.

As the task of protecting that data grew more complex, SAP realized the need for a different approach — not only deploying more tools and technologies but creating a more efficient and optimized way for the company to detect and respond to threats.

"Anvilogic is an innovator and we are extremely happy with the partnership that will allow us to not only solve and improve ourselves, but also to have a unique approach to protect the private cloud and, ultimately, the data of the most important companies in the world."

Roland Costea
Chief Information Security Officer ECS, SAP

Break Free from SIEM Lock-in

Break Free from SIEM Lock-in