White Paper: The Critical Controls Implementation for SAP
About the Author
As CTO, JP leads the innovation team that keeps Onapsis on the cutting edge of the Business-Critical Application Security market, addressing some of the most complex problems that organizations are currently facing while managing and securing their ERP landscapes. JP helps manage the development of new products as well as support the ERP cybersecurity research efforts that have garnered critical acclaim for the Onapsis Research Labs. JP is regularly invited to speak and host trainings at global industry conferences, including Black Hat, HackInTheBox, AppSec, Troopers, Oracle OpenWorld and SAP TechEd, and is a founding member of the Cloud Security Alliance (CSA) Cloud ERP Working Group. Over his professional career, JP has led many Information Security consultancy projects for some of the world’s biggest companies around the globe in the fields of penetration and web application testing, vulnerability research, cybersecurity infosec auditing/standards, vulnerability research and more.
View Author Profile
Onapsis, in collaboration with The Cloud Security Alliance (CSA), a not-for-profit organization dedicated to raising awareness of best practices to help ensure a secure cloud computing environment, has completed The Critical Controls Implementation for SAP white paper. The Critical Controls Implementation for SAP is the first in a series of implementation documents that focuses on specific ERP technologies and aids organizations in securely migrating to and operating ERP applications in cloud environments. In this document, the working group focuses on providing guidelines on controls implementation as well as a set of checklists for SAP administrators. Download this white paper now for control implementation guidance on a variety of controls.
Download Now

About the Author
As CTO, JP leads the innovation team that keeps Onapsis on the cutting edge of the Business-Critical Application Security market, addressing some of the most complex problems that organizations are currently facing while managing and securing their ERP landscapes. JP helps manage the development of new products as well as support the ERP cybersecurity research efforts that have garnered critical acclaim for the Onapsis Research Labs. JP is regularly invited to speak and host trainings at global industry conferences, including Black Hat, HackInTheBox, AppSec, Troopers, Oracle OpenWorld and SAP TechEd, and is a founding member of the Cloud Security Alliance (CSA) Cloud ERP Working Group. Over his professional career, JP has led many Information Security consultancy projects for some of the world’s biggest companies around the globe in the fields of penetration and web application testing, vulnerability research, cybersecurity infosec auditing/standards, vulnerability research and more.
View Author Profile
Further Reading
Beyond the Patch: Why SAP Vulnerability Management Is More Than Just SAP Notes
For most SAP Basis and security teams, the second Tuesday of every month brings a familiar ritual: SAP Patch Day. New Security Notes are released by SAP and the race begins to test and deploy fixes before attackers can exploit the newly disclosed vulnerabilities. It’s an essential process. But if your SAP vulnerability management strategy…
Protecting Luxury Brand Equity: Beyond Compliance in SAP Security
Let’s get into the fundamental risks to luxury brand equity. A lot of what this says is bad things can happen. You know, we we it’s all about the relationship, it’s about relationships internally where security practitioners take an objective view of the threat landscape. Architects, you work with your security operations center, you work…
The Accelerating Threat to Luxury SAP Landscapes: Ransomware and Zero-Days
The speed and volume of attacks against business-critical SAP environments have reached unprecedented levels. Luxury brands relying on manual patching or delayed update cycles are finding themselves outpaced by automated, highly motivated adversaries. Watch our Luxury Threat Briefing to see how quickly the threat landscape is evolving, and review the data proving that SAP systems…
