The Onapsis Blog

The world of business-critical application security and compliance is dynamic, with new developments happening on a continuous basis. Read our blog posts for recommendations, insights and observations on the latest news for safeguarding your SAP® and Oracle® applications.


New Year, New API: A New Onapsis API for Custom Workflows & Integrations

While the Onapsis product team has been hard at work modernizing the front-end of The Onapsis Platform, we have also had feedback from our customers that an API experience is just as important. Building on that, Onapsis is pleased to introduce a newly-developed GraphQL-based public API.

Dangers in SAP Transport Management Part 2

The first article of this series spoke about the global deactivation of authorization checks for single authorization objects per transport. A similar risk results from the possibility of deactivating authorization checks transaction-specifically. With this method, it is even more difficult to detect an attack, as the impact can be limited to one transaction.

New SAP Exploit Published Online: How to Stay Secure?

The Onapsis Research Labs has identified a functional exploit affecting SAP which was published on GitHub, making it publicly available for malicious purposes. A successful attack exploiting this vulnerability would put an organization’s mission-critical SAP applications, business process and data at risk—impacting cybersecurity and regulatory compliance.

Request a
Business Risk Illustration


Prevent application downtime and costly business disruption

Request an Assessment

Eliminate resource consuming manual audit processes

Request an Assessment

Reduce vulnerabilities and misconfiguration to protect the business

Request an Assessment