Research

The Onapsis Blog

The world of business-critical application security is dynamic, with new developments happening on a continuous basis. Check out our blog for recommendations, insights and observations on the latest news for securing your SAP®, Oracle® and Salesforce applications.

The Elephant Beetle in the Room: Older, Unpatched SAP Vulnerabilities Are Still A Threat

01/10/2022 | By

Onapsis Research Labs

JP Perez-Etchegoyen

|

Research

The Elephant Beetle in the Room: Older, Unpatched SAP Vulnerabilities Are Still A Threat

Threat group 'Elephant Beetle' exploited two SAP vulnerabilities to steal millions of dollars from financial organizations. Here's what that means for your SAP security.

Read more about The Elephant Beetle in the Room: Older, Unpatched SAP Vulnerabilities Are Still A Threat

The Log4j Vulnerability and The Impact on Business-Critical SAP Applications

12/20/2021 | By

Onapsis Research Labs

|

Research

The Log4j Vulnerability and The Impact on Business-Critical SAP Applications

Onapsis Research Labs shares data and threat intelligence surrounding Log4j vulnerability, SAP security, and SAP applications.

Read more about The Log4j Vulnerability and The Impact on Business-Critical SAP Applications

Salesforce Security Auditing: An Overview - Login History

11/23/2021 | By

Onapsis Research Labs

|

Research

Salesforce Security Auditing: An Overview - Login History

In this blog series, Onapsis Research Labs will introduce you to the different types of audit capabilities that Salesforce has, analyze them, and see how they complement each other.

Read more about Salesforce Security Auditing: An Overview - Login History

08/13/2021 | By

Onapsis

|

Research

Black Hat 2021: Onapsis Research Labs Shares Learnings

Onapsis Research Labs shares their experiences and learnings from their SAP training session at Black Hat 2021.

Read more about Black Hat 2021: Onapsis Research Labs Shares Learnings

Salesforce Aura: Potential Vulnerabilities in the ‘Without Sharing’ Annotation

07/01/2021 | By

Onapsis

|

Research

Salesforce Aura: Potential Vulnerabilities in the ‘Without Sharing’ Annotation

The Salesforce Winter ‘21 patch for Aura should remediate the security risk that allowed any authenticated user the ability to use web services exposed with the @auraenabled decorator. However, Onapsis Research Labs has some security concerns that we found within Aura that we’ll be covering in this blog post.

Read more about Salesforce Aura: Potential Vulnerabilities in the ‘Without Sharing’ Annotation

Introducing SAP Management Console: Concepts and General Considerations

10/16/2020 | By

Juan Pablo Accinelli

Gonzalo Roisman

|

Research

Introducing SAP Management Console: Concepts and General Considerations

The SAP Management Console (SAP MC) provides a common framework for centralized system management. It allows you to monitor and perform basic administration tasks on the SAP system centrally, which simplifies system administration.