Anywhere from 2,500 up to potentially 10,000 internet-facing systems were exposed to RECON at the date of the release of the patch. Considering those numbers and that approximately 30% to 40% of the systems could still be vulnerable (based on estimations of diverse samples), that provides an enormous attack surface and risk. Learn more in our blog post here.
Thumbnail
Why Our New Partnership With SAP Establishes Onapsis as the Standard for Mission-Critical Application Cybersecurity and Compliance
I am very excited to announce a new partnership with SAP that helps all SAP customers protect their business-critical information and processes, and enables them to securely accelerate their journeys to become intelligent enterprises at a much needed time.
Thumbnail
SAP Security Patch Day September 2020: Critical Patches Published for SAP Marketing and SAP NetWeaver AS ABAP
Today, SAP released its monthly patch updates with several fixes, including four HotNews Notes and two High Priority Notes.
Thumbnail
SAP Security Patch Day August 2020: SAP Knowledge Management Affected by Two Critical Patches
Today, SAP released its monthly patch updates with several fixes, including two HotNews Notes and six High Priority Notes.
Thumbnail
10 Recommendations for Better ABAP
ABAP stands for Advanced Business Application Programming (originally german, Allgemeiner Berichts-Aufbereitungs-Prozessor) and is SAP’s proprietary programming language. ABAP was invented in the late 80s, and 35 years and millions of lines of code later, it’s still here!
Thumbnail
Top 10 SAP Vulnerabilities in 2020 Ranked by CVSS Score
In this blog, we cover the 10 top-scoring vulnerabilities from the first half of 2020. Of those, half were detected by Onapsis Research Labs, including the most severe.
Thumbnail
Onapsis Provides All SAP Customers with Free RECON Vulnerability Scanning Tool
To help businesses identify if their systems are vulnerable, Onapsis has released Instant RECON, an online service and downloadable free and open source tool to scan your internal and external SAP instances to identify if it is patched against the RECON vulnerability, and to look for likely indicators of compromise (IoC) from a successful exploit of RECON.
Thumbnail
SAP Security Patch Day July 2020: Critical Update Required for RECON Vulnerability
Today, SAP released its monthly patch updates with several fixes, including new details about the critical RECON vulnerability.
Thumbnail
Changing Properties in SAP NetWeaver Java
The purpose of this blog post is to explain the different types of properties existing in an SAP NetWeaver for Java system, as well as the different hierarchies along with their release versions.
Thumbnail
How to Setup a Policy to Automate an Audit of SAP Security Notes
One of the most common tasks an SAP Basis administrator must do is confirm their SAP systems are not missing SAP Security Notes to ensure their systems are not exposed to known vulnerabilities.
