Threat actors are targeting SAP applications through scanning, exploiting and compromising systems vulnerable to RECON. It is expected that most unpatched internet-facing SAP applications have been already exploited and potentially compromised. Act now to protect your mission-critical applications!
Anywhere from 2,500 up to potentially 10,000 internet-facing systems were exposed to RECON at the date of the release of the patch. Considering those numbers and that approximately 30% to 40% of the systems could still be vulnerable (based on estimations of diverse samples), that provides an enormous attack surface and risk. Learn more in our blog post here.
Why our New Partnership with SAP Establishes Onapsis as the Standard for Mission-Critical Application Cybersecurity and Compliance
I am very excited to announce a new partnership with SAP that helps all SAP customers protect their business-critical information and processes, and enables them to securely accelerate their journeys to become intelligent enterprises at a much needed time.
SAP Security Patch Day September 2020: Critical Patches Published for SAP Marketing and SAP NetWeaver AS ABAP
Today, SAP released its monthly patch updates with several fixes, including four HotNews Notes and two High Priority Notes.
To help businesses identify if their systems are vulnerable, Onapsis has released Instant RECON, an online service and downloadable free and open source tool to scan your internal and external SAP instances to identify if it is patched against the RECON vulnerability, and to look for likely indicators of compromise (IoC) from a successful exploit of RECON.
It’s clear that many factors are working together to put the applications at the heart of your business at risk, but how much and in what ways? How can you identify and understand the business impact of the issues within your environment?
One of the most common tasks an SAP Basis administrator must do is confirm their SAP systems are not missing SAP Security Notes to ensure their systems are not exposed to known vulnerabilities.
SAP code is mostly written in ABAP, and it is an integral part of securing your SAP systems. ABAP developers often struggle to keep up with new and increasing changes and requirements in the fields of code security and code quality, leading to major vulnerabilities or misconfigurations within your SAP system.
Today, SAP released its monthly patch updates with several fixes, including 23 new SAP Security Notes, 2 HotNews Notes and 5 High Priority Notes.
Subscribe to our monthly newsletter, the Defender's Digest!Subscribe