The Onapsis Research Labs detected active exploitation activity related to three vulnerabilities that were already patched by SAP.
Research
Onapsis and SAP Partner to Secure Business
Despite their importance, many organizations lack the proper preventative, detective, and corrective controls to secure a company’s SAP applications, and have a reigning false sense of security provided by generic security products. That’s why Onapsis and SAP have been partnering together to empower executives to mitigate what we believe is one of the most critical types of cyber risk facing organizations.
Attack & Secure SAP Systems with Onapsis Research Labs at Troopers Conference
Join Onapsis Research Labs at Troopers Conference for the fundamentals of how to pentest and secure SAP systems. Students will not only learn to assess the security of critical systems by performing tailored penetration testing, but also how to secure and monitor systems from the latest threats. Meet us there!
Meet the Researcher: Ignacio Favro
Get to know Ignacio Favro, a vulnerability security researcher in Onapsis Research Labs.
An Introduction to The Onapsis Research Labs
Onapsis is the only business-critical application security company that automatically updates products with the latest threat intelligence and security guidance from a dedicated security research team.
How Does HTTP Response Smuggling Work
Research from the Onapsis Research Labs in HTTP Response Smuggling led to the discovery of a set of critical vulnerabilities affecting SAP applications using SAP Internet Communication Manager (ICM). In this blog, learn how HTTP Response Smuggling works.
ICMAD: Critical Vulnerabilities in SAP Business Applications Require Immediate Attention
Onapsis Research Labs discovered a set of extremely critical vulnerabilities affecting SAP applications actively using the SAP Internet Communication Manager (ICM) component. This discovery requires immediate attention by most SAP customers.
The Elephant Beetle in the Room: Older, Unpatched SAP Vulnerabilities Are Still A Threat
Threat group 'Elephant Beetle' exploited two SAP vulnerabilities to steal millions of dollars from financial organizations. Here's what that means for your SAP security.
Log4j Vulnerability & The Impact on SAP Applications
Onapsis Research Labs shares data and threat intelligence surrounding Log4j vulnerability, SAP security, and SAP applications.
Salesforce Security Auditing: An Overview - Login History
In this blog series, Onapsis Research Labs will introduce you to the different types of audit capabilities that Salesforce has, analyze them, and see how they complement each other.