
SAP ETD: Expensive Cloud SIEM vs. On-Premise #shorts

BSides Frankfurt | 2:01 | 182 views | Published 2026-03
About this talk
Running SAP ETD requires a dedicated team and understanding SAP HANA. The installed version offers a proprietary API for pre-log ingestion, but the cloud edition has fewer pre-built rules and is considered expensive. #SAP #ETD #Cybersecurity #LogManagement #Cloud

From my experience, ETD is you need a team which is dedicated to run that. You need SAP guys understanding what they see. The second one is there are two versions. There's the version you can install, which basically means you need an SAP HANA license of the database, which is an in-memory database. So you need also the hardware for that. Which ingests your logs. The cool thing with that is that SAP built in their kernel layer a proprietary API which allows you, before that log even is written, is sent to that ETD. It's a pretty cool feature. The problem is it's only for ETD.

Um, when you go to the cloud version. So ETD delivers you pattern which is like the pre-built rules from Elastic. With, uh, I would say that amount of compared to what Elastic provides. Um, when you go to the cloud edition you get even less. They have not fully... It's the same system just run by SAP for you but they were able to transfer all those patterns over. Think you get in the normal 120 patterns and in the cloud 140. And it's, to be honest, also in my opinion freaking expensive. Because you have the license for the software usually, and on the other side you can get it halfway free if you're in license discussions with SAP. So just for everyone else, think about license discussion. We're not speaking about some thousand bucks.

Put some more zeros on the end. It's usually about millions. If you are thinking of doing some sort of monitoring. So think of connectors where you are shipping your logs through some sort of connector to your system. Then it makes sense you don't pay that much. I hope that SAP account manager likes me after

>> [laughter]

>> Don't tell them our names. Yeah, better not. That's, that's one of our goals, you know, piss off a lot of people. We're doing it successfully. Any more?