9 – Implement a security strategy for logging, testing, and responding to security events

Do you have a strategic security plan that is supported by the appropriate logging, testing, and documented response methodology? Having a strategic security plan helps shape the proactive and reactive tasks that must be accomplished to ensure that all security challenges are met successfully. The procedures for logging, detection, and additional protection to help identify and remediate security incidents for SAP on AWS workloads are identical to those detailed in the Well-Architected Framework Security Pillar. Review the best practices regarding detection and incident response within the Security Pillar in addition to the guidance in this section.

ID	Priority	Best Practice
☐ BP 9.1	Required	Understand your security strategy for SAP application and database security event analysis
☐ BP 9.2	Highly Recommended	Perform periodic tests for security bugs
☐ BP 9.3	Highly Recommended	Have a documented plan for responding to security events

Well-Architected Framework [Security]: Detection
Well-Architected Framework [Security]: Incident Response

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Best Practice 8.3 – Secure your data recovery mechanisms to protect against threats

Best Practice 9.1 – Understand your strategy for SAP application and database security event analysis