At Onapsis, our vision since inception has always been to protect the business-critical applications that organizations rely on to run their businesses. We were the first to research and present on cyberattacks on SAP applications back at Black Hat 2007, and today I am very proud to share that we have taken a step closer to that vision: we are releasing a new product to protect Oracle E-Business Suite (EBS) customers, whether they are running on-prem or in public or hybrid cloud environments.
Since we launched the industry-first Onapsis Security Platform for SAP two years ago, we have had hundreds of the world’s largest organizations, including many of the Fortune 100, adopt our solution and transform their SAP security programs. We have helped these organizations move past the myth that relying on traditional Segregation of Duties controls and database security is enough to protect SAP and helped them holistically protect their crown jewels, bridging the gap between Information Security, SAP Basis and Internal Audit teams.
However, this is not a vendor-specific risk: the security of ERP systems and business-critical applications is a major blind spot at many of the world’s largest organizations. This has become so clear and critical now that Gartner has recognized Business-Critical Application Security in the most recent Application Security Hype Cycle, further solidifying the market need for solving this problem.
Over the past two years, while continuing our commitment to deliver to our SAP customers, we have expanded our Onapsis Research Labs and our experts have been working closely with the Oracle Security Response teams in discovering and helping Oracle produce security patches fixing hundreds of security vulnerabilities in Oracle EBS applications. With this knowledge the research labs have produced our first Onapsis Oracle Security In-Depth publication and have fed this intelligence into the new product.
In addition to this critical research, we have been working closely with Oracle security teams to release security patches for over 150 vulnerabilities with the common goal of securing Oracle EBS applications for our customers.
“Many organizations seek to more easily secure mission-critical business applications and lower their security cost of ownership," said Mary Ann Davidson, Chief Security Officer at Oracle, “The security teams at Oracle and Onapsis have worked collaboratively for a number of years out of a shared desire to help our customers effectively increase their security posture.“
This newly released product will help organizations identify application-level security and compliance risks affecting Oracle EBS, checking for missing security patches, insecure parameters and risky user authorizations. The product will enable organizations to streamline compliance and internal audit mandates, helping them to ensure that their EBS applications are compliant without sacrificing security and reducing costs. Also, we will help organizations prioritize security and compliance risks based on business impact and build a plan to mitigate risks to these critical applications.
For companies running both SAP and Oracle EBS, the Onapsis Security Platform now provides you with a centralized management of the cybersecurity and compliance risks affecting your business-critical applications.
We are past the point where organizations can neglect these business-critical applications or rely on outdated security methods to protect them, the stakes are simply too high. As the leading SAP and Oracle partners in cybersecurity, we are incredibly excited about helping Oracle EBS customers further secure their platforms, while continuing to support and further enable our customers running on SAP.