Get to know Ignacio Favro, a vulnerability security researcher in Onapsis Research Labs.
Thumbnail
Thumbnail
An Introduction to The Onapsis Research Labs
Onapsis is the only business-critical application security company that automatically updates products with the latest threat intelligence and security guidance from a dedicated security research team.
Thumbnail
How Does HTTP Response Smuggling Work
Research from the Onapsis Research Labs in HTTP Response Smuggling led to the discovery of a set of critical vulnerabilities affecting SAP applications using SAP Internet Communication Manager (ICM). In this blog, learn how HTTP Response Smuggling works.
Thumbnail
ICMAD: Critical Vulnerabilities in SAP Business Applications Require Immediate Attention
Onapsis Research Labs discovered a set of extremely critical vulnerabilities affecting SAP applications actively using the SAP Internet Communication Manager (ICM) component. This discovery requires immediate attention by most SAP customers.
Thumbnail
The Elephant Beetle in the Room: Older, Unpatched SAP Vulnerabilities Are Still A Threat
Threat group 'Elephant Beetle' exploited two SAP vulnerabilities to steal millions of dollars from financial organizations. Here's what that means for your SAP security.
Thumbnail
Log4j Vulnerability & The Impact on SAP Applications
Onapsis Research Labs shares data and threat intelligence surrounding Log4j vulnerability, SAP security, and SAP applications.
Thumbnail
Salesforce Security Auditing: An Overview - Login History
In this blog series, Onapsis Research Labs will introduce you to the different types of audit capabilities that Salesforce has, analyze them, and see how they complement each other.
Thumbnail
Black Hat 2021: Onapsis Research Labs Shares Learnings
Onapsis Research Labs shares their experiences and learnings from their SAP training session at Black Hat 2021.
Thumbnail
Salesforce Aura: Potential Vulnerabilities in the ‘Without Sharing’ Annotation
The Salesforce Winter ‘21 patch for Aura should remediate the security risk that allowed any authenticated user the ability to use web services exposed with the @auraenabled decorator. However, Onapsis Research Labs has some security concerns that we found within Aura that we’ll be covering in this blog post.
Thumbnail
Introducing SAP Management Console: Concepts and General Considerations
The SAP Management Console (SAP MC) provides a common framework for centralized system management. It allows you to monitor and perform basic administration tasks on the SAP system centrally, which simplifies system administration.
