The Onapsis Blog

The world of business-critical application security is dynamic, with new developments happening on a continuous basis. Check out our blog for recommendations, insights and observations on the latest news for securing your SAP®, Oracle® and Salesforce applications.


SAP Security Patch Day February 2022: Severe HTTP Smuggling Vulnerabilities in SAP NetWeaver

SAP’s February Patch Tuesday brings new extremely critical vulnerabilities in all SAP applications that are based on SAP NetWeaver. SAP, CISA, and Onapsis strongly advise all impacted organizations to prioritize patching these affected systems as soon as possible.

Onapsis CEO Mariano Nunez on CISA Binding Operational Directive 22-01

Onapsis CEO Mariano Nunez weighs in on Binding Operational Directive 22-01 which recommends urgent and prioritized remediation of known exploited vulnerabilities in software and applications and establishes requirements for federal civilian agencies to remediate these vulnerabilities.

SAP Security Patch Day November 2021: Critical Patch for ABAP Platform Kernel

SAP’s November Patch Day contained 11 notes in total with only three new notes above CVSS 7.0, a record low number for the year. Nevertheless, the lower-rated notes should not be left unaddressed as some of these vulnerabilities can be used to launch follow-up attacks, e.g., through impersonation of users or exploiting transport permissions.

Secure your 
business-critical SAP,
Oracle, Salesforce
and SaaS apps

Get a firsthand look at the visibility, reporting and automation capabilities provided by The Onapsis Platform by scheduling a personalized demo with our application security experts.

Request a demo