A leading European technology trading group mitigates SAP Cyber security risks with managed service from 1DigitalTrust

Industry: European Technology
Company Size: 900 employees

Customer Success Story

One of Europe’s leading technology trading groups within products and systems for industrial applications has secured its SAP systems all over Europe with an Onapsis cybersecurity solution delivered by 1DigitalTrust as a managed service to avoid expensive downtime to its business. 

With 3,3 billion SEK in yearly turnover and 36 business units in 14 countries, the organisation employs more than 900 people who serve more than 30,000 customers and 400 suppliers. With that customer and supplier base, it is business critical for the company to have a well-functioning and secure SAP system that will not be exposed to cyberattacks. 

Recently, the company saw how one of their competitors was hit by a ransomware attack. The company wanted to ensure that this would not happen to them. 

As a global company, it has its own resources as well as external ones distributed across different locations. That called for a structured approach to prevent security holes in the global SAP system.

“We have been able to reduce our risks significantly with the SAP Cyber security managed service from 1DigitalTrust. The costs have been planned, and we have been able to stay within the budget for mitigating the risks.”

CFO at the Company

Mitigating SAP Risks

To keep the company secure, 1DigitalTrust has implemented an SAP cybersecurity managed service at the company’s SAP installation. 1DigitalTrust performed the installation and delivers the security services, as the company does not have dedicated in-house SAP cybersecurity resources. As a security service partner, 1DigitalTrust continuously monitors the systems. Every month, the company and 1DigitalTrust go through the current risks and plan how to mitigate them.

Known Security Costs

One of the advantages for the company is that they now have experts at hand to help with mitigating all the risks. Furthermore, the company’s costs for ensuring SAP Cyber security are known. Everything concerning the monitoring and related infrastructure is included in the fee and is taken care of by 1DigitalTrust. Time to resolution for any risks has been faster than anticipated. After the initial work to remove all critical risks within the first months, the work is now more operational. When new critical risks occur, which they unfortunately will from time to time, the company has easy access to resources, and risks will be mitigated by 1DigitalTrust as soon as a solution is available.

Solution: Business Critical Cybersecurity from Onapsis

The solution from 1DigitalTrust is based on the Onapsis Platform, which focuses on the unique cyber security challenges of business-critical applications such as SAP and Oracle. Currently, the Onapsis Platform protects business-critical applications and data for over 300 global enterprises, including 20% of the Fortune 100. The Onapsis Platform also delivers timely and impactful threat intelligence to SAP and their customers to help mitigate vulnerabilities.

“We now have a structured process to evaluate and mitigate risks in SAP. That enables us to quickly and efficiently determine when and how to mitigate the risks together with the experts from 1DigitalTrust.” 

ERP Manager at the Customer

Results

  • 77% of C-level executives (CTO, CIO, etc.) are concerned about security when considering moving ERP applications to the cloud.
  • In 64% of the cases, ERP downtime cost per hour is higher than 50,000 USD.
  • In 74% of surveyed organizations, ERP applications are currently accessible from the Internet.

Despite efforts to patch, 62% of the respondents said that their applications have critical vulnerabilities.


Every second a large organization experiences a security breach related to their ERP system.

Avoiding Security Roadblocks to SAP S/4HANA Migrations

Best Practices & Lessons Learned

ON DEMAND

Moving to SAP S/4HANA is a complex process, requiring collaboration from multiple stakeholders across the business to deliver the project on time and on budget.  All too often, security ends up being a roadblock to meeting those goals, but it doesn’t have to be.

KPMG and Onapsis work side-by-side with organizations to build security into their SAP S/4HANA migrations to avoid setbacks and establish secure SAP operating models. Join us for a conversation on best practices for a security-by-design approach based on our experience helping customers migrate their systems. Topics include:

  • Aligning stakeholders across security, IT, SAP Basis, and internal audit
  • Putting security-by-design into practice without interfering with or burdening SAP teams
  • The three biggest challenges we hear for each stage of a migration project and how to overcome them
  • Other lessons learned from our customers, so you can avoid those challenges yourself

How Tech Executives are Leading Organizational and Technology Change – CIO Benchmark Research

Change has come in many forms for business and IT leaders across all industries. Geopolitical events, market forces, changing consumer behavior, and commodity price fluctuations have all put various pressures on decision makers. Add to that the fact that technology is rapidly evolving, and transitions to new solutions such as SAP S/4HANA and the Cloud are top of mind. In this benchmark report we examine how executives are approaching organizational and technology change.

Active SAP Exploitation Activity Identified by the Onapsis Research Labs

Threat Intel Briefing


The Onapsis Research Labs continuously monitors the evolving SAP threat landscape to rapidly identify elevated risk, trending threat behavior and activity, and vulnerabilities that are being leveraged by attackers to compromise business applications. 

The Onapsis Research Labs observed active exploitation attempts against three existing and previously patched SAP vulnerabilities. These vulnerabilities are remotely exploitable through the HTTP(S) protocol and have publicly available exploits and PoCs, which facilitate their exploitation.

As a result, on June 9, 2022, CISA updated its Catalog of Known Exploited Vulnerabilities to include these three SAP vulnerabilities. This catalog is a dynamic collection of known vulnerabilities that are currently being exploited in the wild. Mitigation and/or remediation of these vulnerabilities is mandatory for all federal civilian executive branch agencies, but this catalog also serves as an excellent repository of current exploitation activity for the private sector.

These three additions further support the threat intelligence that CISA continues to publish, which documents the growing knowledge of, and exploitation activity around, older vulnerabilities in unpatched, unprotected SAP systems. It’s important to ensure that your critical systems have these SAP Security Notes effectively applied.

This session with SAP, CISA and Onapsis covers the latest developments in the threat landscape for SAP business-critical applications, including:

  • The assets organizations can leverage from CISA to help with securing applications
  • Which vulnerabilities are currently being exploited by threat actors
  • Tactics and behaviors that threat actors may exhibit when exploiting these vulnerabilities on unpatched SAP applications
  • How you can leverage Onapsis technology to protect your SAP applications

Onapsis Defend: Threat Monitoring and Pre-Patch Protection for Business-Critical SAP Applications

Continuously Monitor and Protect Your Most Important Assets from Threats

Challenge

Your Window to Defend Your Business-Critical Applications Is Shrinking

Digital transformation initiatives have left business-critical applications more exposed than ever, and this increased exposure hasn’t gone unnoticed. Threat actors are targeting business-critical applications through a variety of attack vectors and at a faster pace than ever before. Attempting to monitor for threat activity by manually reviewing system logs is inefficient and requires extensive internal knowledge. Given the speed at which threat actors operate, this leaves far too much time for successful attacks to take place. To protect their critical business operations and data, organizations need continuous threat monitoring designed specifically for these applications. They need to identify potential threats in real time and understand the risk they pose, so they can prioritize incident response. And they need the ability to define and customize criteria for alerts, including threats related to user actions such as authorization and sensitive data access.

<3 hours for the first exploit attempt on an unprotected system coming online 1
<72 hours between release of a patch and first exploit attempts 1

The Solution

Continuous Threat Monitoring for SAP with Onapsis Defend

Powered by research and insights from the Onapsis Research Labs, Onapsis Defend uniquely provides the visibility and context security teams need to respond faster and smarter to threats targeting their business-critical applications. Onapsis is proud to be an Oracle partner and the only application security platform in the SAP Endorsed Apps Program.

  • Over 2,000 detection rules specific for SAP, including zero days to protect applications from threats prior to patch release
  • Detect anomalies, understand root cause and how to mitigate
  • Integrate with SIEMs for SOC visibility and cross-system analysis
  • Get the latest threat intelligence from Onapsis Research Labs

Understand Threats to Your Critical Systems 

  • Automatically Detect Potential Threats or Suspicious Activity
    Eliminate the need for manual log reviews and in-house SAP security expertise to identify threats to critical assets (e.g., ABAP, JAVA, HANA, SAProuter)
  • Start Monitoring Immediately and Realize Value Quickly
    2,000+ detection rules and 30 pre-configured alarms provide a base level of threat monitoring upon install
  • Ease the Burden of Security Responsibilities under RISE with SAP
    Better manage your RISE security responsibilities, including tracking user behavior and detecting & mitigating external / insider threats

“We’re saving 20 hours a week compared to manual log reviews”

– F500 Financial Institution

Respond Faster and Smarter

  • Reduce Investigation Time and Accelerate Response
    Receive real-time alerts with detailed explanations, including root cause, severity, machine learning anomaly score, and business context
  • Transform SOC Teams into Instant SAP Experts
    Easily send curated SAP threat activity and intelligence to your existing SIEM tools; threat explanations and remediation guidance facilitate playbook creation
  • Extend Onapsis Threat Intelligence to the Network Layer
    Augment your existing network security products with vendor agnostic, open-source rules that alert on (and potentially stop) Onapsis-research-based network threats before they reach your ERP applications

“We’re saving 20 hours a week addressing security controls around user access”

– F500 Consumer Goods Company

Reduce Risk to Critical Systems

  • Get the Best SAP Exploit and Zero-Day Protection
    Detect more types of exploit activity with 400+ exploit rules across the SAP stack, including zero-day rules to protect you before patches are available
  • Find Suspicious User Behavior Faster
    Monitor for insider threats and potential indicators of compromise with targeted alerts and user behavior analysis (UBA) to detect anomalies faster
  • Easily Implement Compensating Controls
    Address the risk of open vulnerabilities by monitoring for exploit activity or help meet regulatory requirements by adding additional controls

“We’re confident our most important assets are protected from zero-days and other emerging threats”

– F500 Chemical Company


1  IDC ERP Security Report 

Assess Baseline: Jumpstart Your SAP Application Security

Accelerate Your SAP Vulnerability Management with Focus and Prioritization 

In a world where business-critical SAP applications are under attack every day, organizations struggle with addressing this risk. Complex, interconnected landscapes of production and non-production systems, paired with under-resourced teams, mean it’s a challenge simply to know what to tackle first when it comes to vulnerability management for SAP. There’s a growing backlog of critical patches as new vulnerabilities and threats are regularly discovered, and traditional vulnerability management solutions fail to paint an accurate picture of the true risk to SAP applications.

But vulnerability management for SAP doesn’t have to be hard if you have the right partner. Onapsis Assess Baseline gives organizations just what they need to kickstart their SAP vulnerability management processes and easily align with the officially published SAP Security Baseline.

Get Up and Running Quickly with SAP’s Trusted Security Partner 

  • Streamline deployment with the Onapsis SaaS and zero-footprint scanning
  • Immediately start scanning out of the box for vulnerabilities with remediation context from the Onapsis Research Labs 

Accelerate Time-to-Value for SAP Vulnerability Management

  • Quickly understand the true risk to your SAP landscape with prioritized visibility into the most critical vulnerabilities affecting your systems
  • Eliminate time-consuming, manual processes by automatically identifying missing patches and validating that they were correctly applied

Technology that Scales and Grows When You’re Ready

  • Easily expand to support more systems and more advanced vulnerability use cases
  • Augment point-in-time vulnerability scans with continuous threat monitoring and application security testing from Onapsis

Onapsis Assess: Complete Attack Surface Management for Business-Critical Applications

Eliminate the Cybersecurity Blind Spot Around Your Most Important Assets

Challenge

Business Applications Have Never Been More Vulnerable

The increasing complexity and size of application environments, heavy customization of individual apps, and growing backlogs of patches have left organizations with a longer list and greater variety of vulnerabilities to identify, understand, and act on. The exposure and risk of exploitation at the application layer is also greater now due to digital transformation initiatives, with many critical applications moving to the cloud, connecting to third-parties, or becoming publicly accessible.

This combination of more vulnerabilities and more exposure means organizations need strong vulnerability management programs around their business-critical applications. However, traditional vulnerability management tools don’t sufficiently support these environments. This forces teams to rely on manual efforts – which inevitably leads to unaddressed risk and open attack vectors in their most important assets.

64% of ERP systems have been breached in the last 24 months 1
3 hours between a new system coming online and the first observed exploit attempts 2

The Solution

Protect the Application Layer Itself with Onapsis Assess

Powered by research and insights from the Onapsis Research Labs, Assess uniquely provides the visibility and context both InfoSec and IT teams need to quickly act on vulnerabilities that pose the greatest risk to the business. Onapsis is proud to be an Oracle partner and the only application security platform in the SAP Endorsed Apps Program.

  • Identify vulnerabilities at the application layer
  • Understand risk and business impact
  • Facilitate remediation with technical solutions
  • Accurately report on risk

Identify and Understand Risk 

  • Automatically Identify
    Find vulnerabilities due to missing patches, user settings, misconfigurations, and custom code
  • Easily Scale Your Approach
    A range of assessments takes you from securing the baseline to more advanced vulnerability use cases
  • Understand Business Impact
    Make empowered decisions about risks – those to accept and those that need action

“We save 20 hours of investigation time each week” 

– Large Retail Company

Greater Risk Reduction, Less Effort

  • Prioritize Remediation Efforts
    Understand where to focus efforts and don’t waste time on issues that don’t pose a big risk.
  • Fix Issues Faster
    Arm IT partners with step-by-step technical solutions to make resolutions straightforward
  • Align InfoSec and IT Teams
    Provide cross-functional visibility with built-in workflows and ServiceNow integration

“We reduced remediation time by 83%”

– F500 Bio-Pharmaceutical Company

Accurately Report on Risk and Measure Success 

  • Gain Real-Time Visibility & Metrics
    Easily report on the current security posture, communicate risk in real business terms, and save time preparing read-outs
  • Get the Latest Threat Intel
    Keep up with the latest security best practices from Onapsis Research Labs
  • Chart Your ERP Security Path
    Receive personalized guidance based on AI and 14+ years of Onapsis data, track improvements over time, and monitor progress compared to other companies

“We save 40 hours of manual data pulls and communication each week”

– Multinational Chemical Company


1  IDC ERP Security Report 
2  SAP and Onapsis Threat Report