Blocking data, which must not leave SAP. Protecting data, which is needed outside of SAP.

HALOCORE® is a unique solution for controlling and protecting intellectual property and personal data that are exported from SAP. HALOCORE® not only meets GDPR requirements, but shuts the door to security breaches. By integrating directly with SAP, HALOCORE® audits all SAP data exports and streams using an automated classification engine to block unauthorized downloads and to protect authorized exports outside of SAP.

This innovative approach allows enterprises to maintain a high level of control and security over sensitive documents extracted from SAP throughout their lifetime, even if these have been shared via email, downloaded to a recipient’s PC or mobile device, or taken from temporarily saved spool jobs.

HALOCORE® has a modular structure to guarantee comprehensive protection within just a few days:


HALOCORE® MONITOR audits all exports and downloads for critical SAP data regardless from which egress point the data flows. Using pseudonymizing, the HALOCORE audit log meets by default Works Council requirements.

It is a key extension to the standard SAP Security Audit Log (SAL) and, furthermore, enriches the auditing data shown in SAP Enterprise Threat Detection (ETD) and SAP Digital Boardroom, especially as it audits all exports using an automated classification engine. Closing these GRC compliance gaps even during ‘Firefighter’ activities, HALOCORE® MONITOR provides real-time experience showing which sensitive data is at risk of leaving your SAP system and sending e-mail notifications in case of data leakage.


HALOCORE® BLOCK effectively prevents your business-critical data and documents from leaving the protected SAP application and, thus, protects against accidental or intentional data leaks.

Directly integrated into SAP, it works based on the HALOCORE® audit log at the source of all recorded data flows. Users without a corresponding SAP-authorized profile cannot download any file. Furthermore, a granular, bespoke policy can be implemented using automated data classification, which tailors the control over SAP exports to the specific needs of your organization.


HALOCORE® PROTECT extends the SAP access control shield for your intellectual property and other sensitive information beyond the SAP boundaries. HALOCORE® intercepts the data being downloaded from SAP and applies fully customizable classification labels to the document metadata.

Using Microsoft Azure Information Protection (AIP) each document exported from SAP is efficiently encrypted on the server level before it arrives on any device. Using the automated HALOCORE® classification engine, granular authorizations and user rights are assigned to sensitive data, allowing easy and secure exchange of documents between employees, partners or suppliers.


HALOCORE® Data Stream Intelligence (HDSI) provides monitoring and classification of different types of data streams (RFC, IDOC, etc.) between SAP systems and the connected satellite systems.

It extends the HALOCORE® MONITOR capabilities to scan ‘machine-to-machine’ communications and SAP background data flows. Enterprises gain insights into ‘invisible’ SAP application activities and, thus, significantly reduce their IT security risk.

Download Product Flyer

Download Product Flyer