CONTACT US
Search
CONTACT US
Onapsis Webinar

Critical SAP RECON Vulnerability: Who Is At Risk & How to Protect Your Business

/in /by

Protecting SAP from the Latest RECON Vulnerability 

ON DEMAND

SAP’s July Security Notes include a fix for a critical vulnerability – CVSS score of 10 out of 10 – named RECON. Successfully exploiting RECON could give an unauthenticated attacker full access to the affected SAP system, including the ability to modify financial records, view personal identifiable information (PII), corrupt data, delete or modify logs and traces, and other actions that put essential business operations and regulatory compliance at risk. 

The Onapsis Research Labs first identified this vulnerability in May 2020 and has worked closely with the SAP Security Response Team on a mitigation strategy. More than 40,000 SAP customers may be vulnerable to RECON, with upwards of 2,500 Internet-facing systems facing even greater risk. 

Attend this session to learn:

  • Details on the RECON vulnerability
  • The business impact
  • Why patching is so important
  • Recommendations for keeping SAP protected
Onapsis Webinar

BigDebIT Vulnerabilities in Oracle EBS - Impact & Remediation Deep Dive

/in /by

Oracle E-Business Suite BigDebIT 

ON DEMAND

The Oracle EBS BigDebIT vulnerabilities were discovered and reported by The Onapsis Research Labs and covered in Oracle’s January 2020 Critical Patch Update (CPU). An attack on the BigDebIT vulnerabilities can be unauthenticated, which would bypass existing Segregation of Duties (SoD) and access controls and other security controls many organizations rely on to cause fraud, theft and disruption.

This session will cover the recent Onapsis Threat Report highlighting a serious example of what a potential attack on Oracle General Ledger would mean to an organization’s financials—presenting a deficiency in IT general controls for Sarbanes-Oxley (SOX) compliance for publicly-traded companies. 

Attend this session to learn:

  • How to protect Oracle EBS and your organization
  • How more than 21,000 organizations using Oracle EBS may be at risk and the associated security and compliance impact
  • Details on the BigDebIT vulnerabilities and the example attack scenario on Oracle General Ledger
SAP ABAP Code Quality Benchmark

SAP ABAP Code Quality Benchmark

/in /by
Download eBook

Does 70% of Your Custom Code Have Critical Issues?

The average SAP system runs on nearly four million lines of custom ABAP code, creating a massive and often invisible risk surface. While essential for business, these customizations can introduce critical issues that impact security, compliance, performance, and stability. This exclusive report from the Onapsis Research Labs analyzes the state of custom code across hundreds of real-world SAP systems to reveal just how common these problems are.

In This Research Report, You’ll Find:

  •  Exclusive data showing that, on average, 70% of custom ABAP programs have at least one critical issue.
  • The average number of critical code issues found in a typical SAP system (118).
  • An in-depth analysis of the Top 5 most common and dangerous code vulnerabilities, including Code Injection and Missing Authorization Checks.
  • The direct impact of poor code quality on Security, SOX Compliance, System Performance, and Stability.
  • Actionable guidance on how to implement a strategy for secure SAP development.

About the Research

The findings in this report are based on anonymized data from applications scanned by the Onapsis Platform. The research was conducted by the Onapsis Research Labs, the world’s leading team for SAP threat intelligence and vulnerability research.

Onapsis Webinar

SAP Security: 5 Challenges of the CIO

/in /by

Managing Up Means Understanding The Role of Your CIO

ON DEMAND

The Chief Information Officer (CIO) holds responsibility for all IT decisions affecting the company, a task that has increased in complexity since the early days of the internet. A strong company needs a developed IT strategy to remain connected and competitive. The complexity of these IT projects, including digital transformation, is higher than ever.

Onapsis Webinar

Protiviti: Transform Your Business With Confidence by Tackling Your Cyber Risks Using Onapsis

/in /by

Transformation-Proof Your SAP Applications with Onapsis and Protiviti

ON DEMAND

Growing demand for intelligent, available, and accurate data is fueling organizations to carry out digital transformation activities. SAP transformations, such as S/4HANA migration, are key drivers for growth, but also create and expose organizations to significant risk. To properly manage risk before, during, and post transformation, organizations should have defined cybersecurity programs to ensure proper protection of critical business data.

This joint session with Protiviti will lay the foundation for proper cyber program activities and detail how the Onapsis platform provides the required capabilities to defend against risk and drive growth during transformations. We will explore the current threat landscape for SAP tools, such as known SAP vulnerabilities, and discuss their associated business impacts. The Onapsis platform mitigates risk through automated assessments, continuous monitoring, and ongoing governance.

A live demo of key Onapsis capabilities will be performed to demonstrate how vulnerabilities, such as ABAP or HANA code, can be eliminated with tools such as their CodeProfiler.

Cybersecurity programs need not be an afterthought. Ensure your organization is properly preparing for digital transformation with strategic risk activities.

Onapsis Webinar

How to protect your SAP landscape against hackers

/in /by

Understanding the Biggest Threats from External Attackers

ON DEMAND

Are you aware that common misconfigurations in SAP may allow an attacker to compromise your SAP system in less than 60 seconds? Did you know that public exploits for business-critical applications have increased 100% since 2015?

Attend this session to:

  • See how an attacker can infiltrate your SAP system by abusing well-known misconfigurations
  • Understand the most common attack vectors towards your SAP landscape
  • Learn how you can protect yourself by using SAP security automation and alerting

Sitemap  | Terms of Use | Privacy Policy   |  Quality Policy  |  Disclosure PolicySecurity Vulnerability Reporting Guidelines |  ©2025 Onapsis  |  All rights reserved