The Onapsis Blog

The world of business-critical application security is dynamic, with new developments happening on a continuous basis. Check out our blog for recommendations, insights and observations on the latest news for securing your SAP®, Oracle® and Salesforce applications.


Salesforce Aura: Potential Vulnerabilities in the ‘Without Sharing’ Annotation

The Salesforce Winter ‘21 patch for Aura should remediate the security risk that allowed any authenticated user the ability to use web services exposed with the @auraenabled decorator. However, Onapsis Research Labs has some security concerns that we found within Aura that we’ll be covering in this blog post.

Is Enabling the SSL Connection to Your Java System Enough?

Secure Sockets Layer (SSL)/Transport Layer Security (TLS) is a protocol used to encrypt communications between two entities by exchanging public and private keys to create secure sessions between them. In this blog, I will explain how you can enable SSL (Secure Socket Layer) in your SAP Java system and how you can redirect the HTTP requests to HTTPS protocol.

SAP Security Notes February 2020: Calm Times Are Over—19 New SAP Security Notes and Root Access at Risk

Today, SAP released its monthly patch updates with several fixes, including 12 new SAP Security Notes, 1 High Priority Note, 10 of Medium Priority and 1 with Low Priority. The Onapsis Research Labs contributed more than 30% of the new SAP Security Notes published this month, not considering re-released ones.

Secure your 
business-critical SAP,
Oracle, Salesforce
and SaaS apps

Get a firsthand look at the visibility, reporting and automation capabilities provided by The Onapsis Platform by scheduling a personalized demo with our application security experts.

Request a demo