Onapsis Research Labs

Onapsis Research Labs, our team of offensive security professionals dedicated to hunting down vulnerabilities within ERP applications, has discovered and helped remediate over 1,000 zero day ERP vulnerabilities within SAP and Oracle applications.

Threat actors are exploiting ERP vulnerabilities for financial gain.

What’s spookier than ghosts and goblins? Threats to your company’s ERP systems. Read how unpatched ERP vulnerabilities can still be a target for cyberattacks.

Join Onapsis Research Labs at Troopers Conference for the fundamentals of how to pentest and secure SAP systems. Students will not only learn to assess the security of critical systems by performing tailored penetration testing, but also how to secure and monitor systems from the latest threats. Meet us there!

Research from the Onapsis Research Labs in HTTP Response Smuggling led to the discovery of a set of critical vulnerabilities affecting SAP applications using SAP Internet Communication Manager (ICM). In this blog, learn how HTTP Response Smuggling works.

Onapsis and SAP partnered on the discovery and mitigation of a set of critical vulnerabilities affecting SAP applications actively using the SAP Internet Communication Manager (ICM) component. Read along for five things you should know about the ICMAD vulnerabilities.

With more than 30 SAP applications affected by Log4j vulnerability, it’s important to understand your risk and build a comprehensive vulnerability management program that includes SAP security.

Onapsis Research Labs discovered a set of extremely critical vulnerabilities affecting SAP applications actively using the SAP Internet Communication Manager (ICM) component. This discovery requires immediate attention by most SAP customers.

Threat group ‘Elephant Beetle’ exploited two SAP vulnerabilities to steal millions of dollars from financial organizations. Here’s what that means for your SAP security.