Threat actors are targeting SAP applications through scanning, exploiting and compromising systems vulnerable to RECON. It is expected that most unpatched internet-facing SAP applications have been already exploited and potentially compromised. Act now to protect your mission-critical applications!
Anywhere from 2,500 up to potentially 10,000 internet-facing systems were exposed to RECON at the date of the release of the patch. Considering those numbers and that approximately 30% to 40% of the systems could still be vulnerable (based on estimations of diverse samples), that provides an enormous attack surface and risk. Learn more in our blog post here.
Why our New Partnership with SAP Establishes Onapsis as the Standard for Mission-Critical Application Cybersecurity and Compliance
I am very excited to announce a new partnership with SAP that helps all SAP customers protect their business-critical information and processes, and enables them to securely accelerate their journeys to become intelligent enterprises at a much needed time.
ABAP stands for Advanced Business Application Programming (originally german, Allgemeiner Berichts-Aufbereitungs-Prozessor) and is SAP’s proprietary programming language. ABAP was invented in the late 80s, and 35 years and millions of lines of code later, it’s still here!
In this blog, we cover the 10 top-scoring vulnerabilities from the first half of 2020. Of those, half were detected by Onapsis Research Labs, including the most severe.
To help businesses identify if their systems are vulnerable, Onapsis has released Instant RECON, an online service and downloadable free and open source tool to scan your internal and external SAP instances to identify if it is patched against the RECON vulnerability, and to look for likely indicators of compromise (IoC) from a successful exploit of RECON.
One of the most common tasks an SAP Basis administrator must do is confirm their SAP systems are not missing SAP Security Notes to ensure their systems are not exposed to known vulnerabilities.
SAP code is mostly written in ABAP, and it is an integral part of securing your SAP systems. ABAP developers often struggle to keep up with new and increasing changes and requirements in the fields of code security and code quality, leading to major vulnerabilities or misconfigurations within your SAP system.
Transports are considered an essential part of the SAP environment for day-to-day business. Used to transfer SAP content from one system to another, transports carry incredibly sensitive data, and even a secure production system can be compromised.
Subscribe to our monthly newsletter, the Defender's Digest!Subscribe