E-book: Battling Trojan Horses in Your SAP Transports
About the Author
As CTO, JP leads the innovation team that keeps Onapsis on the cutting edge of the Business-Critical Application Security market, addressing some of the most complex problems that organizations are currently facing while managing and securing their ERP landscapes. JP helps manage the development of new products as well as support the ERP cybersecurity research efforts that have garnered critical acclaim for the Onapsis Research Labs. JP is regularly invited to speak and host trainings at global industry conferences, including Black Hat, HackInTheBox, AppSec, Troopers, Oracle OpenWorld and SAP TechEd, and is a founding member of the Cloud Security Alliance (CSA) Cloud ERP Working Group. Over his professional career, JP has led many Information Security consultancy projects for some of the world’s biggest companies around the globe in the fields of penetration and web application testing, vulnerability research, cybersecurity infosec auditing/standards, vulnerability research and more.
View Author Profile
Transports are considered an essential part of the SAP environment for day-to-day business. Used to transfer SAP content from one system to another, transports carry incredibly sensitive data, and even a secure production system can be compromised.
When changes are made in your SAP production systems through SAP transports, you are exposing your SAP systems to a high-security risk. Transports are usually considered one of the easiest ways to introduce vulnerabilities, offering a dangerous gateway to these critical systems. These “Trojan horses” are able to stealthily enter your SAP systems and sneak in malicious content, such as espionage, data theft and data manipulation. These damages can be detrimental to your organization and cause significant financial loss, customers to lose trust and fines from regulatory bodies.
While these losses can be substantial, many organizations are still unaware of the potential dangers of SAP transports and the level of security they require. Additionally, many organizations are unaware of these risks, and conventional tools are unable to detect these Trojan horse threats. Transport analysis by Onapsis closes this gap.

About the Author
As CTO, JP leads the innovation team that keeps Onapsis on the cutting edge of the Business-Critical Application Security market, addressing some of the most complex problems that organizations are currently facing while managing and securing their ERP landscapes. JP helps manage the development of new products as well as support the ERP cybersecurity research efforts that have garnered critical acclaim for the Onapsis Research Labs. JP is regularly invited to speak and host trainings at global industry conferences, including Black Hat, HackInTheBox, AppSec, Troopers, Oracle OpenWorld and SAP TechEd, and is a founding member of the Cloud Security Alliance (CSA) Cloud ERP Working Group. Over his professional career, JP has led many Information Security consultancy projects for some of the world’s biggest companies around the globe in the fields of penetration and web application testing, vulnerability research, cybersecurity infosec auditing/standards, vulnerability research and more.
View Author Profile
Further Reading
How Mandiant and Google Cloud Are Transforming SAP Cybersecurity Collaboration
Securing SAP environments requires bridging the gap between network perimeter defenses and application-layer intelligence. Recently, industry leaders from Mandiant (part of Google Cloud) and Onapsis highlighted how strategic partnerships are reshaping cybersecurity defenses for business-critical applications. This collaboration strengthens incident response, accelerates threat intelligence sharing, and equips Security Operations Centers (SOCs) to defend the entire…
Compliance and Prevention Are Best Friends: How Custom Code Security Drives Verifiable Governance
Modern enterprise compliance requires a shift from reactive auditing to automated, software-driven prevention at the custom application layer. As regulations like NIS2, the Cyber Resilience Act (CRA), and the EU AI Act enforce secure-by-design architectures, organizations must implement strict control planes for their custom ABAP code. Integrating automated application security testing into the development lifecycle…
The Truth About SAP Security Architecture: Why Embedded Tools Are a Single Point of Failure
Protecting enterprise core business processes requires resilient architecture. The latest data from the IBM Cost of a Data Breach Report shows the average global breach lifecycle stretches to 241 days. Organizations face severe financial penalties for slow threat containment. An architectural security failure stalls supply chains, disrupts financial closes, and brings operations to a complete…
