Onapsis Research Labs shares data and threat intelligence surrounding Log4j vulnerability, SAP security, and SAP applications.
Thumbnail
Salesforce Security Auditing: An Overview - Login History
In this blog series, Onapsis Research Labs will introduce you to the different types of audit capabilities that Salesforce has, analyze them, and see how they complement each other.
Thumbnail
Black Hat 2021: Onapsis Research Labs Shares Learnings
Onapsis Research Labs shares their experiences and learnings from their SAP training session at Black Hat 2021.
Thumbnail
Salesforce Aura: Potential Vulnerabilities in the ‘Without Sharing’ Annotation
The Salesforce Winter ‘21 patch for Aura should remediate the security risk that allowed any authenticated user the ability to use web services exposed with the @auraenabled decorator. However, Onapsis Research Labs has some security concerns that we found within Aura that we’ll be covering in this blog post.
Thumbnail
Introducing SAP Management Console: Concepts and General Considerations
The SAP Management Console (SAP MC) provides a common framework for centralized system management. It allows you to monitor and perform basic administration tasks on the SAP system centrally, which simplifies system administration.
Thumbnail
Is Enabling the SSL Connection to Your Java System Enough?
Secure Sockets Layer (SSL)/Transport Layer Security (TLS) is a protocol used to encrypt communications between two entities by exchanging public and private keys to create secure sessions between them. In this blog, I will explain how you can enable SSL (Secure Socket Layer) in your SAP Java system and how you can redirect the HTTP requests to HTTPS protocol.
Thumbnail
SAP Security Notes: Looking Back at 2019 and Forward to 2020
There is no doubt that ERP systems will increasingly become a preferred target of cyberattacks. SAP and Onapsis have taken multiple measures so that customers are best prepared for the challenges of 2020. Here is some of what we learned in 2019 and what we can expect in 2020.
Thumbnail
ERP Security & IT General Controls: Questions Every Organization Needs to Ask
A recent IDC survey reports that 64% of organizations have suffered an ERP system breach in the past 24 months. To ensure that your organization has the proper processes and controls in place to keep SAP and Oracle E-Business Suite business-critical applications secure and in compliance, we are providing guidance and questions to ask.
Thumbnail
Securing Your Business Applications: Are You Prepared?
Have you ever gotten a puzzled look from friends/family when you tell them you help secure ERP systems? I know, that’s as esoteric as it gets, even in the cybersecurity world, and yet the topic is of great importance, as many organizations rely heavily on business-critical applications to operate successfully.
Thumbnail
Automating SOX Controls Testing
With ERP systems, such as SAP and the Oracle E-Business Suite (EBS) at the core of your business, these systems also must be a focus of your SOX audit. Business-critical applications including your financials are supported by your ERP systems and issues can easily become material weakness. As a result, it is necessary to stay up-to-date regarding what different industries are doing to protect the integrity of financial statements while reducing the costs of implementing and testing the internal controls.
