Onapsis Webinar

Critical SAP RECON Vulnerability: Who Is At Risk & How to Protect Your Business

Protecting SAP from the Latest RECON Vulnerability 

ON DEMAND

SAP’s July Security Notes include a fix for a critical vulnerability – CVSS score of 10 out of 10 – named RECON. Successfully exploiting RECON could give an unauthenticated attacker full access to the affected SAP system, including the ability to modify financial records, view personal identifiable information (PII), corrupt data, delete or modify logs and traces, and other actions that put essential business operations and regulatory compliance at risk. 

The Onapsis Research Labs first identified this vulnerability in May 2020 and has worked closely with the SAP Security Response Team on a mitigation strategy. More than 40,000 SAP customers may be vulnerable to RECON, with upwards of 2,500 Internet-facing systems facing even greater risk. 

Attend this session to learn:

  • Details on the RECON vulnerability
  • The business impact
  • Why patching is so important
  • Recommendations for keeping SAP protected
Onapsis Webinar

BigDebIT Vulnerabilities in Oracle EBS - Impact & Remediation Deep Dive

Oracle E-Business Suite BigDebIT 

ON DEMAND

The Oracle EBS BigDebIT vulnerabilities were discovered and reported by The Onapsis Research Labs and covered in Oracle’s January 2020 Critical Patch Update (CPU). An attack on the BigDebIT vulnerabilities can be unauthenticated, which would bypass existing Segregation of Duties (SoD) and access controls and other security controls many organizations rely on to cause fraud, theft and disruption.

This session will cover the recent Onapsis Threat Report highlighting a serious example of what a potential attack on Oracle General Ledger would mean to an organization’s financials—presenting a deficiency in IT general controls for Sarbanes-Oxley (SOX) compliance for publicly-traded companies. 

Attend this session to learn:

  • How to protect Oracle EBS and your organization
  • How more than 21,000 organizations using Oracle EBS may be at risk and the associated security and compliance impact
  • Details on the BigDebIT vulnerabilities and the example attack scenario on Oracle General Ledger
SAP ABAP Code Quality Benchmark

SAP ABAP Code Quality Benchmark

SAP code, mostly written in the ABAP programming language, is an integral part of securing SAP systems. Complexities in the system make it difficult to ensure the code meets requirements. This e-book highlights just how common code issues are and their negative impact on security, compliance, performance and stability. 

Download the e-book to review key findings from Onapsis research, including how many lines of custom code an average SAP system has and how many of those may contain critical security and compliance issues!
 

Onapsis Webinar

SAP Security: 5 Challenges of the CIO

Managing Up Means Understanding The Role of Your CIO

ON DEMAND

The Chief Information Officer (CIO) holds responsibility for all IT decisions affecting the company, a task that has increased in complexity since the early days of the internet. A strong company needs a developed IT strategy to remain connected and competitive. The complexity of these IT projects, including digital transformation, is higher than ever.

Onapsis Webinar

Protiviti: Transform Your Business With Confidence by Tackling Your Cyber Risks Using Onapsis

Transformation-Proof Your SAP Applications with Onapsis and Protiviti

ON DEMAND

Growing demand for intelligent, available, and accurate data is fueling organizations to carry out digital transformation activities. SAP transformations, such as S/4HANA migration, are key drivers for growth, but also create and expose organizations to significant risk. To properly manage risk before, during, and post transformation, organizations should have defined cybersecurity programs to ensure proper protection of critical business data.

This joint session with Protiviti will lay the foundation for proper cyber program activities and detail how the Onapsis platform provides the required capabilities to defend against risk and drive growth during transformations. We will explore the current threat landscape for SAP tools, such as known SAP vulnerabilities, and discuss their associated business impacts. The Onapsis platform mitigates risk through automated assessments, continuous monitoring, and ongoing governance.

A live demo of key Onapsis capabilities will be performed to demonstrate how vulnerabilities, such as ABAP or HANA code, can be eliminated with tools such as their CodeProfiler.

Cybersecurity programs need not be an afterthought. Ensure your organization is properly preparing for digital transformation with strategic risk activities.

Onapsis Webinar

How to protect your SAP landscape against hackers

Understanding the Biggest Threats from External Attackers

ON DEMAND

Are you aware that common misconfigurations in SAP may allow an attacker to compromise your SAP system in less than 60 seconds? Did you know that public exploits for business-critical applications have increased 100% since 2015?

Attend this session to:

  • See how an attacker can infiltrate your SAP system by abusing well-known misconfigurations
  • Understand the most common attack vectors towards your SAP landscape
  • Learn how you can protect yourself by using SAP security automation and alerting