Happy AppsMas! Onapsis turned 13 this year and by all accounts, 2022 was a pretty memorable year as we continue our mission of protecting the applications businesses rely on. With cyberattacks on applications growing year over year, Onapsis strives to give our customers the peace of mind of knowing their core business applications are secure, compliant, and available at all times. We look forward to continuing to innovate our platform and expanding our reach to more customers in the years to come. With that, here are some of the highlights from the year.
Joint Research With SAP: ICMAD Vulnerabilities
We began the new year with research from Onapsis Research Labs and SAP, announcing the discovery and patching of critical network exploitable vulnerabilities, dubbed ICMAD (Internet Communication Manager Advanced Desync). Due to the potential threats associated with the ICMAD vulnerabilities, numerous global organizations issued alerts, including the U.S. Cybersecurity and Infrastructure Security Agency (CISA). As a result, added one of these critical SAP vulnerabilities–CVE-2022-22536–to its Known Exploited Vulnerabilities Catalog (KEV).
Onapsis Research Labs Threat Intel Center
In September, this group of researchers launched the Threat Intel Center which connects the Onapsis Threat Intelligence Cloud, a global network of sensors and applications instrumented to capture the activity of attackers exploiting business applications, and deep research conducted by the ORL into a unified, detailed threat intelligence repository. The Threat Intel Center gives organizations the critical advantages of foresight and speed, allowing them to protect the assets that matter most.
1000+ Vulnerabilities Discovered and Helped Remediate
Coming on the heels of our research with SAP and the launch of the Threat Intel Center, ORL reached a key milestone of 1,000 total zero-day vulnerabilities identified in business applications. Onapsis Research Labs is the only team dedicated to hunting down vulnerabilities and monitoring how threat actors attack within enterprise resource planning applications, giving our customers advance pre-patch notifications and remediation. This timely, impactful threat intelligence program gives our customers the latest on current tactics, techniques, and procedures (TTPs) used by threat actors as well as alerts on ransomware campaigns and actionable intelligence for security teams.
New Solution: Onapsis Assess Baseline
This year, the Product team also released Assess Baseline, a SaaS-based and zero-footprint model that accelerates enterprises’ abilities to jumpstart their SAP vulnerability management programs. Assess Baseline is an easy-to-deploy, highly-targeted offering that focuses on the vulnerabilities aligned with the SAP Security Baseline, SAP’s recommended set of minimum security requirements for an organization’s SAP systems. This enables companies of all sizes to accelerate deployment and time-to-value by starting with a core, targeted set of vulnerabilities before taking on a larger scope.
Enhanced Information Security Solutions in Onapsis Assess and Onapsis Defend
To make it easier for cybersecurity teams to protect their critical data, we released a new Network Detection Rule Pack for Onapsis Defend and further enhanced support for SAP SuccessFactors. With our new additions to Onapsis Defend and Onapsis Assess, customers are offered an extra layer of protection and an accelerated time-to-value with a simplified deployment.
New and Updated ERP Security Capabilities in the Onapsis Platform
As organizations continue to evolve their ERP landscapes, they face growing challenges on how to properly secure these critical systems. Our new ERP capabilities deliver security advantages and efficiencies that take a significant burden off of security teams, giving peace of mind that Onapsis is securing what matters most. These ERP security capabilities target three areas for SAP and Oracle customers:
- Operationalize the most impactful and timely global threat intelligence from the Onapsis Research Labs to help guide prioritization and accelerate incident response.
- Eliminate the complexity of ERP security with deeper visibility and greater extensibility
- Elevate and empower teams to make better decisions with the right insights and knowledge
Inc. 5000 List of Fastest Growing Companies
This year marked our second time on Inc. 5000’s prestigious list, a look at the most successful companies within the American economy’s most dynamic segment—its independent small businesses. It was an honor to be named a fastest growing company alongside some of the most world-renowned technology innovators.
'ASTORS’ Homeland Security Awards
The ASTORS Awards recognize the best technology solutions that keep the United States safe and secure. As a trusted partner to government organizations, Onapsis is dedicated to protecting business-critical systems and data. We are honored to be recognized for our cybersecurity achievements in American Security Today’s 2022 ‘ASTORS’ Awards Program for advances in The Onapsis Platform.
One Million Dollars Raised for NextGen Cyber Talent
Solving the cybersecurity talent shortage will take a collective industry-wide effort. During RSA, Onapsis, NightDragon and industry partners worked to raise $1 million to help fund one year of community college courses for Bay Area students pursuing careers in cybersecurity. NextGen Cyber Talent partners with Bay Area community colleges to offer several cohorts of training programs, continuous career development and mentoring, and grants to hundreds of students pursuing cybersecurity education.