Brian Tremblay, Onapsis Compliance Practice Leader, joins Security & Compliance Weekly to talk about how misconfigurations and vulnerabilities in your mission-critical applications can lead to compliance problems and the need for organizations to adopt a process of continuous compliance. As a former auditor, Brian understands the best practices leaders can use to identify, monitor and mitigate compliance risks. Watch the full podcast episode below with Security Weekly to learn more.
Interested in learning more about how Onapsis can protect your mission-critical applications? Join us at the 2020 Gartner Security & Risk Management Summit, September 14 – 17. Click here to register now!
About the Author
Brian Tremblay leads Onapsis’s Compliance Practice, drawing on over 20 years of experience in internal audit and risk management. As a former Chief Audit Executive, he brings hands-on expertise in preparing organizations for public offerings and implementing critical frameworks like SOX and GDPR. Brian’s deep knowledge of IT General Controls and regulatory compliance enables him to guide customers on mitigating risks related to their business-critical applications. His background at global companies like Raytheon and Deloitte establishes him as a trusted authority on audit-ready SAP systems and bridging the gap between security and compliance.
More about this author
Further Reading
Innovating to Secure the Future of SAP: 2025 Year in Review
Mariano Nunez, Onapsis CEO, reviews 2025 highlights in SAP application security, including cloud innovation, threat intelligence, SOC integration, and a look ahead to 2026.
Holiday Security for Your SAP Systems: Protecting Critical Applications During the Winter Break
As the year winds down, most organizations are focused on closing the books and enjoying the winter break. However, this period of reduced staffing and “code freezes” often creates a dangerous blind spot for SAP security during Winter. While your team is stepping away, threat actors are gearing up to exploit the “holiday lull,” a…
The Year of the Zero-Day: Top SAP Vulnerabilities of 2025
In 2025, the SAP threat landscape shifted permanently. The year was defined by three critical realities: the massive NetWeaver Zero-Day (CVE-2025-31324), a surge in perfect-score deserialization flaws, and a shrinking window of defense where attackers weaponized exploits within hours of disclosure. For security teams, the takeaway from 2025 is clear: traditional patching windows are no…