New Network Detection Rule Pack Extends Onapsis Threat Intelligence and Detection to the Network Layer

We recently announced the availability of a new Network Detection Rule Pack for Onapsis Defend, our SAP threat monitoring solution. Let’s take a closer look at what’s included in the subscription and the value of extending SAP threat monitoring to the network layer. 

What’s in the Network Detection Rule Pack for Onapsis Defend?

Onapsis Defend includes over 2,000 detection rules to identify a range of activity, such as user access misuse or abuse, system misconfigurations, indicators of compromise (IOCs) or known exploits, dangerous RFC or program executions, and more. These rules are based on threat intelligence from the industry-leading Onapsis Research Labs–the most impactful and prolific supplier of vulnerability research to SAP. Over the past two years, their research was responsible for the detection and patching of 40% of critical SAP Security Notes. To date, they’ve discovered well over 800 zero-day vulnerabilities in business-critical applications, including the recent, critical ICMAD vulnerabilities affecting SAP Internet Communication Manager. 

Onapsis Research Labs has observed that an increasing number of threats targeting SAP applications have network-exploitable components. In a defense-in-depth security model, CISOs welcome additional layers of security and with this new annual subscription Onapsis threat intelligence is applied directly at the network layer. The Network Detection Rule Pack offers a regularly-updated set of vendor-agnostic and open-source Snort rules for network-based exploits. Instead of limiting our integration to one particular vendor, these rules can be imported into any Snort-compatible network monitoring technologies (e.g., firewalls, IDS, IPS).  

The Value of Bringing Industry-Leading Onapsis Threat Intel to the Network Layer

The proactive and powerful threat intelligence from Onapsis Research Labs provides Defend customers with critical advantages of foresight and speed, including the ability to monitor for exploit activity against both zero-days and known, unpatched vulnerabilities. Now, with the new Network Detection Rules Pack, Onapsis Defend customers can harness the power of this threat intelligence to their network monitoring technologies and gain pre-patch protection for the most critical and network-detectable vulnerabilities in SAP. 

Monitoring for threats at the network layer means malicious or suspicious activity can be detected before the traffic even touches the SAP system, allowing for even faster response times. Given the importance of these systems, the critical business operations they support, and the sensitive data running through them, this is an area where every second counts. 

Over the last 10+ years, Onapsis Research Labs has become the world’s leading threat research group for business-critical application security, resulting in six U.S. DHS critical alerts and a knowledgebase of over 10,000 vulnerabilities and attacks. With the release of the Onapsis Defend Network Detection Rule Pack, you can now extend this powerful threat intel to more layers of your technology stack and gain an additional line of defense against the growing number of cyberattacks targeting your business-critical applications.  Learn more about Onapsis threat monitoring here or request a demo to see how you can get started.