CONTACT US
Search
CONTACT US

Onapsis Defend: Threat Monitoring and Pre-Patch Protection for Business-Critical SAP Applications

/in /by

Continuously Monitor and Protect Your Most Important Assets from Threats

Challenge

Your Window to Defend Your Business-Critical Applications Is Shrinking

Digital transformation initiatives have left business-critical applications more exposed than ever, and this increased exposure hasn’t gone unnoticed. Threat actors are targeting business-critical applications through a variety of attack vectors and at a faster pace than ever before. Attempting to monitor for threat activity by manually reviewing system logs are inefficient and require extensive internal knowledge. Given the speed at which threat actors operate, this leaves far too much time for successful attacks to take place. To protect their critical business operations and data, organizations need continuous threat monitoring designed specifically for these applications. They need to identify potential threats in real-time and understand the risk they pose, so they can prioritize incident response. And they need the ability to define and customize criteria for alerts, including threats related to user actions such as authorization and sensitive data access.

<3 hours for the first exploit attempt on an unprotected system coming online 1
<72 hours between release of a patch and first exploit attempts 1

The Solution

Continuous Threat Monitoring for SAP with Onapsis Defend

Powered by research and insights from the Onapsis Research Labs, Onapsis Defend uniquely provides the visibility and context security teams need to respond faster and smarter to threats targeting their business-critical applications. Onapsis is proud to be an Oracle partner and the only application security platform in the SAP Endorsed Apps Program.

  • Over 2,000 detection rules specific for SAP, including zero days to protect applications from threats prior to patch release
  • Detect anomalies, understand root cause and how to mitigate
  • Integrate with SIEMs for SOC visibility and cross-system analysis
  • Get the latest threat intelligence from Onapsis Research Labs

Understand Threats to Your Critical Systems 

  • Automatically Detect Potential Threats or Suspicious Activity
    Eliminate the need for manual log reviews and in-house SAP security expertise to identify threats to critical assets (e.g., ABAP, JAVA, HANA, SAProuter)
  • Start Monitoring Immediately and Realize Value Quickly
    2,000+ detection rules and 30 pre-configured alarms provide a base level of threat monitoring upon install
  • Ease the Burden of Security Responsibilities under RISE with SAP
    Better manage your RISE security responsibilities, including tracking user behavior and detecting & mitigating external / insider threats

“We’re saving 20 hours a week compared to manual log reviews”

– F500 Financial Institution

Respond Faster and Smarter

  • Reduce Investigation Time and Accelerate Response
    Receive real-time alerts with detailed explanations, including root cause, severity, machine learning anomaly score, and business context
  • Transform SOC Teams into Instant SAP Experts
    Easily send curated SAP threat activity and intelligence to your existing SIEM tools; threat explanations and remediation guidance facilitate playbook creation
  • Extend Onapsis Threat Intelligence to the Network Layer
    Augment your existing network security products with vendor agnostic, open-source rules that alert on (and potentially stop) Onapsis-research-based network threats before they reach your ERP applications

“We’re saving 20 hours of week addressing security controls around useraccess”

– F500 Consumer Good Company

Reduce Risk to Critical Systems

  • Get the Best SAP Exploit and Zero-Day Protection
    Detect more types of exploit activity with 400+ exploit rules across the SAP stack, including zero-day rules to protect you before patches are available
  • Find Suspicious User Behavior Faster
    Monitor for insider threats and potential indicators of compromise with targeted alerts and user behavior analysis (UBA) to detect anomalies faster
  • Easily Implement Compensating Controls
    Address the risk of open vulnerabilities by monitoring for exploit activity or help meet regulatory requirements by adding additional controls

 “We’re confident our most important assets are protected from zero-days and other emerging threats”

– F500 Chemical Company

1  IDC ERP Security Report 

Assess Baseline: Jumpstart Your SAP Application Security

/in /by

Accelerate Your SAP Vulnerability Management with Focus and Prioritization 

In a world where business-critical SAP applications are under attack every day, organizations struggle with addressing this risk. Complex, interconnected landscapes of production and non-production systems paired with under-resourced teams means it’s a challenge to simply know what to tackle first when it comes to vulnerability management for SAP. There’s a growing backlog of critical patches as new vulnerabilities and threats are regularly discovered, and traditional vulnerability management solutions fail to paint an accurate picture of the true risk to SAP applications.

But vulnerability management for SAP doesn’t have to be hard if you have the right partner. Onapsis Assess Baseline gives organizations just what they need to kickstart their SAP vulnerability management processes and easily align with the officially published SAP Security Baseline.

Get Up and Running Quickly with SAP’s Trusted Security Partner 

  • Streamline deployment with the Onapsis SaaS and zero-footprint scanning
  • Immediately start scanning out of the box for vulnerabilities with remediation context from the Onapsis Research Labs 

Accelerate Time-to-Value for SAP Vulnerability Management

  • Quickly understand the true risk to your SAP landscape with prioritized visibility into the most critical vulnerabilities affecting your systems
  • Eliminate time-consuming, manual processes by automatically identifying missing patches and validating that they were correctly applied

Technology that Scales and Grows When You’re Ready

  • Easily expand to support more systems and more advanced vulnerability use cases
  • Augment point-in-time vulnerability scans with continuous threat monitoring and application security testing from Onapsis

Onapsis Assess: Complete Attack Surface Management for Business-Critical Applications

/in /by

Eliminate the Cybersecurity Blind Spot Around Your Most Important Assets

Challenge

Business Applications Have Never Been More Vulnerable

The increasing complexity and size of application environments, heavy customization of individual apps, and growing backlogs of patches have left organizations with a longer list and greater variety of vulnerabilities to identify, understand, and act on. The exposure and risk of exploitation at the application layer is also greater now due to digital transformation initiatives, with many critical applications moving to the cloud, connecting to third-parties, or becoming publicly accessible.

This combination of more vulnerabilities and more exposure means organizations need strong vulnerability management programs around their business-critical applications. However, traditional vulnerability management tools don’t sufficiently support these environments. This forces teams to rely on manual efforts – which inevitably leads to unaddressed risk and open attack vectors in their most important assets.

64% of ERP systems have been breached in the last 24 months 1
3 hours Between new system coming online and first observed exploit attempts 2

The Solution

Protect the Application Layer Itself with Onapsis Assess

Powered by research and insights from the Onapsis Research Labs, Assess uniquely provides the visibility and context both InfoSec and IT teams need to quickly act on vulnerabilities that pose the greatest risk to the business. Onapsis is proud to be an Oracle partner and the only application security platform in the SAP Endorsed Apps Program.

  • Identify vulnerabilities at the application layer
  •  Understand risk and business impact
  •  Facilitate remediation with technical solutions
  •  Accurately report on risk

Identify and Understand Risk 

  • Automatically Identify
    Find vulnerabilities due to missing patches, user settings, misconfigurations, and custom code
  • Easily Scale Your Approach
    Range of assessments take you from securing the baseline to more advanced vulnerability use cases
  • Understand Business Impact
    Make empowered decisions about risks – those to accept and those that need action

“We save 20 hours of investigation time each week” 

– Large Retail Company

Greater Risk Reduction, Less Effort

  • Prioritize Remediation Efforts
    Understand where to focus efforts and don’t waste time on issues that don’t pose a big risk.
  • Fix Issues Faster
    Arm IT partners with step-by-step technical solutions to make resolutions straightforward
  • Align InfoSec and IT Teams
    Provide cross-functional visibility with built-in workflows and ServiceNow integration

“We reduced remediation time by 83%”

– F500 Bio-Pharmaceutical Company

Accurately Report on Risk and Measure Success 

  • Gain Real-Time Visibility & Metrics
    Easily report on the current security posture, communicate risk in real business terms, and save time preparing read-outs
  • Get the Latest Threat Intel
    Keep up with the latest security best practices from Onapsis Research Labs
  • Chart Your ERP Security Path
    Receive personalized guidance based on AI and 14+ years of Onapsis data, track improvements over time, and monitor progress compared to other companies

“We save 40 hours of manual data pulls and communication each week”

– Multinational Chemical Company

1  IDC ERP Security Report 
2  SAP and Onapsis Threat Report

Cyber Tech Talk Features: The Onapsis Research Labs

/in /by

ON DEMAND

The award-winning Onapsis Research Labs is a team of cybersecurity experts who combine in-depth knowledge and experience to deliver security insights and threat intel affecting business-critical applications, such as SAP, Oracle, and others. The Onapsis Research Labs team have discovered over 1,000 zero-day vulnerabilities and multiple critical global CERT alerts have been based on their novel research

Onapsis automatically updates its products with the latest threat intelligence and other security guidance from the Onapsis Research Labs. This provides customers with advanced notification on critical issues, comprehensive coverage, improved configurations and zero-day protection ahead of scheduled vendor updates. 

In this session learn more about the latest threat intelligence and receive security guidance from the Onapsis Research Labs to stay ahead of ever-evolving cybersecurity threats.

This session covers: 

  • Recent research on vulnerability findings, including ICMAD and HTTP Smuggling
  • An overview on how to keep your SAP business-critical applications secure
  • Threat intelligence on the cybersecurity attack trends observed in the wild
  • Security guidance and best practices from the leading team of researchers

Le paysage des menaces se transforme: Mieux comprendre comment protéger les applications critiques SAP contre les menaces

/in /by

On Demand

Les applications SAP hébergent les informations clients, ventes, finances, les produits, les services, les informations sur les employés et les secrets commerciaux – et les pirates informatiques s’intéressent à ces applications. Le groupe Elephant Beetle a exploité, entre autres, deux vulnérabilités SAP et ainsi voler des millions de dollars à des organisations financières. 

Cette présentation vous offrira un aperçu détaillé de ces activités menaçantes, exposant comment des pirates ont ciblé et exploité activement les applications SAP non sécurisées grâce à un ensemble varié de techniques, d’outils et de procédures.

Les laboratoires de recherche Onapsis et l’équipe SAP Product Security Response Team (PSRT) ont collaboré pour découvrir et corriger trois vulnérabilités critiques qui affectent Internet Communication Manager (ICM), un composant central des applications métier SAP.

Rejoignez cette session pour découvrir pourquoi ce composant est si critique et ce que vous devez faire pour atténuer les risques pour vos applications SAP.

Le webinaire sera en Français.

The Elephant Beetle in the Room: An Advanced Financial Attack Leveraging SAP Vulnerabilities

/in /by

The Elephant Beetle Is Still A Threat

On-Demand

Learn how SAP vulnerabilities were exploited to drain millions of dollars from major financial organizations by an advanced threat group dubbed ‘Elephant Beetle’. In this session we discuss their modus operandi, provide actionable guidelines on how to bolster SAP security processes and how to defeat attacks of this nature in case of a breach. This session provides: 

  • Review of the attack trends & threat landscape in 2022
  • Deep dive into a specific case study of an “Elephant Beetle” attack and Incident Response
  • Key actions you can take to prepare your organization and defeat such attacks
  • Top resources to help support your security effort

About Sygnia & Onapsis

The teams from Onapsis Research Labs and Sygnia Incident Response have been tracking, identifying, and defending against growing threats to business-critical applications. Recently, Sygnia uncovered an organized financial-theft operation leveraging SAP Vulnerabilities. Their tactics, techniques, and procedures echo the trends that The Onapsis Research Labs has observed. Join Onapsis security experts and Sygnia Incident Response industry leaders as we discuss key security tactics the modern enterprise needs to to protect your business.

Together, we’ll review findings from the researchers from Sygnia’s Incident Response team and discuss how these findings affect the applications at the core of your business. You will emerge with a security strategy for your business that extends to and protects your most sensitive—and vulnerable—enterprise resources. 

Sygnia is a cyber services company that provides strategic consulting and incident response support to leading organizations worldwide, including Fortune 100 companies. As a trusted advisor to technology and security teams, management, and boards, Sygnia works with companies to proactively build their cyber resilience and respond and defeat attacks within their networks. To learn more, go to: www.sygnia.co

Onapsis Webinar

Log4j Vulnerability: Threat Intelligence and Mitigation Strategies to Protect Your SAP Applications

/in /by

SAP & Onapsis Cyber Tech Talk Series

ON DEMAND

On Thursday, December 9, a critical vulnerability (CVE-2021-44228) in Apache Log4j, a widely used Java logging library, was made public. Some are calling it “the most significant vulnerability in the last decade.” 

The Onapsis Research Labs maintains a network of sensors that we call the Onapsis Threat Intelligence Cloud. Within 10 days of the initial Log4j attack, Onapsis Research Labs captured over 3,000 attack attempts and observed over 50 variants. With more than 30 SAP applications affected by this vulnerability, it’s important to understand your risk and your exposure points. 

During this session Richard Puckett, Chief Information Security Officer at SAP and Sadik Al-Abdulla, Chief Product Officer at Onapsis discussed:

  • Threat intelligence around the Log4j vulnerability captured by Onapsis Research Labs
  • Implications of the vulnerability on SAP applications
  • Considerations for building comprehensive vulnerability management for SAP and business critical applications

Critical ICMAD Vulnerabilities: Who Is at Risk & How to Protect Your Business-Critical SAP Applications

/in /by

Executive Briefing

ON DEMAND

The Onapsis Research Labs is on a quest to protect the world’s most critical applications at the center of the global economy. Most recently, Onapsis collaborated with SAP Product Security Response Team to discover and patch three critical memory corruption vulnerabilities that affected Internet Communication Manager (ICM), a core component of SAP business applications. If not patched, the series of vulnerabilities, dubbed “ICMAD,” could enable attackers to execute several malicious activities on SAP users, business information, and processes — and ultimately compromise unpatched SAP applications.

Hear from SAP CISO Richard Puckett and Onapsis CEO Mariano Nunez as they discuss how the Onapsis Research Labs and SAP Product Security Response Team worked in close partnership to identify, assess, and mitigate these critical vulnerabilities.

Watch this webinar recording to learn:

  • Details on the ICMAD vulnerabilities discovered
  • The impact on your business
  • Why timely patching of critical vulnerabilities is more important than ever
  • Recommendations for keeping your SAP systems protected

Sitemap  | Terms of Use | Privacy Policy   |  Quality Policy  |  Disclosure PolicySecurity Vulnerability Reporting Guidelines |  ©2025 Onapsis  |  All rights reserved