Listen to the Head of SAP at Sanofi, Frederic Maille, discuss his journey to secure SAP, including how he aligned internal teams, utilized Onapsis to determine the company’s level of risk and took actions to implement a cybersecurity program for this business-critical application. “We are an SAP shop because we have SAP everywhere,” says Maille, “…from the CRM [to the] ERP.” “Onapsis helped me to go fast… when we started to identify that we have to secure our SAP system, we really didn’t know how to start…the first idea was to start to set up a detection part.” Listen to how the Onapsis acquisition of Virtual Forge also enabled Sanofi, a customer of theirs, to improve their ERP cybersecurity and compliance strategy.
About the Author
Virginia Peterson is a strategic leader in the cybersecurity space, specializing in the intersection of business-critical application security and digital transformation. At Onapsis, she focuses on translating complex SAP threat intelligence into actionable insights for enterprise leaders. By bridging the gap between technical security operations and business stakeholders, Virginia helps organizations understand the urgency of protecting their core ERP landscapes from evolving cyber threats.
More about this author
Further Reading
How Mandiant and Google Cloud Are Transforming SAP Cybersecurity Collaboration
Securing SAP environments requires bridging the gap between network perimeter defenses and application-layer intelligence. Recently, industry leaders from Mandiant (part of Google Cloud) and Onapsis highlighted how strategic partnerships are reshaping cybersecurity defenses for business-critical applications. This collaboration strengthens incident response, accelerates threat intelligence sharing, and equips Security Operations Centers (SOCs) to defend the entire…
Compliance and Prevention Are Best Friends: How Custom Code Security Drives Verifiable Governance
Modern enterprise compliance requires a shift from reactive auditing to automated, software-driven prevention at the custom application layer. As regulations like NIS2, the Cyber Resilience Act (CRA), and the EU AI Act enforce secure-by-design architectures, organizations must implement strict control planes for their custom ABAP code. Integrating automated application security testing into the development lifecycle…
The Truth About SAP Security Architecture: Why Embedded Tools Are a Single Point of Failure
Protecting enterprise core business processes requires resilient architecture. The latest data from the IBM Cost of a Data Breach Report shows the average global breach lifecycle stretches to 241 days. Organizations face severe financial penalties for slow threat containment. An architectural security failure stalls supply chains, disrupts financial closes, and brings operations to a complete…
