Reports

Onapsis Security Researchers led to the identification of a family of vulnerabilities dubbed ‘P4CHAINS.’

This article is the result of research done by the Onapsis Research Labs in 2023. It covered the standard capabilities provided in SAP systems to register evidence of user activity and attacks.

Change has come in many forms for business and IT leaders across all industries. Geopolitical events, market forces, changing consumer behavior, and commodity price fluctuations have all put various pressures on decision makers.

Onapsis Research Labs’ thorough investigation of HTTP Response Smuggling over the last year led to the recent identification of the ICMAD vulnerabilities. Read the threat report from Onapsis Research Labs to understand: Onapsis worked closely with SAP’s Product Security Response Team to discover and patch these critical vulnerabilities. Both companies believe that all unpatched SAP applications…

A critical cybersecurity blind spot impacting how many organizations protect their business-critical SAP applications is detailed in this joint report from Onapsis and SAP. Learn how threat actors are actively targeting these unprotected SAP applications.

Onapsis has discovered and worked with SAP to release a patch for the RECON vulnerabilities, affecting a component included in many SAP applications.

Oracle BigDebIT vulnerabilities put thousands of organizations at risk. Onapsis threat research has discovered this major financial and compliance risk to companies who may not have the latest patch from Oracle.

Based on hundreds of SAP implementation assessments and the proprietary threat intelligence of Onapsis, we estimate these exploits could affect 9 out of 10 SAP systems of more than 50,000 customers worldwide. We recommend you review and apply all relevant SAP security notes immediately.

How are organizations truly managing cybersecurity risks in their Oracle E-Business Suite ecosystem?