The Onapsis Blog

The world of business-critical application security is dynamic, with new developments happening on a continuous basis. Check out our blog for recommendations, insights and observations on the latest news for securing your SAP®, Oracle® and Salesforce applications.

Thumbnail

Salesforce Aura: Potential Vulnerabilities in the ‘Without Sharing’ Annotation

The Salesforce Winter ‘21 patch for Aura should remediate the security risk that allowed any authenticated user the ability to use web services exposed with the @auraenabled decorator. However, Onapsis Research Labs has some security concerns that we found within Aura that we’ll be covering in this blog post.
Thumbnail

Is Enabling the SSL Connection to Your Java System Enough?

Secure Sockets Layer (SSL)/Transport Layer Security (TLS) is a protocol used to encrypt communications between two entities by exchanging public and private keys to create secure sessions between them. In this blog, I will explain how you can enable SSL (Secure Socket Layer) in your SAP Java system and how you can redirect the HTTP requests to HTTPS protocol.
Thumbnail

ERP Security & IT General Controls: Questions Every Organization Needs to Ask

A recent IDC survey reports that 64% of organizations have suffered an ERP system breach in the past 24 months. To ensure that your organization has the proper processes and controls in place to keep SAP and Oracle E-Business Suite business-critical applications secure and in compliance, we are providing guidance and questions to ask.
Thumbnail

Automating SOX Controls Testing

With ERP systems, such as SAP and the Oracle E-Business Suite (EBS) at the core of your business, these systems also must be a focus of your SOX audit. Business-critical applications including your financials are supported by your ERP systems and issues can easily become material weakness. As a result, it is necessary to stay up-to-date regarding what different industries are doing to protect the integrity of financial statements while reducing the costs of implementing and testing the internal controls.
Request a Demo from Onapsis

Ready to eliminate your SAP cyber security blindspot?

Let us show you how simple it can be to protect your business applications.

Request a demo