Onapsis Announces New Product Updates to Strengthen ERP Cybersecurity

The leader in SAP and Oracle Security continues to drive market innovation with a powerful new Security Advisor, based on 14 years of business data and threat research


BOSTON, MA – April 20, 2023 – Onapsis, the market leader in business application cybersecurity and compliance, today announced a series of new product updates for the award-winning Onapsis Platform. Enriched with the impactful threat intelligence that only the Onapsis Research Labs (ORL) can provide, the Onapsis Platform further simplifies business application security for CISOs and CIOs alike with a new Security Advisor, new updates to its Comply product line, and critical enhancements that streamline code security from application development to production.

“As the only cybersecurity and compliance solution endorsed by SAP, Onapsis is proud to lead the charge in helping organizations secure their digital transformation projects. Our continued innovation is all made possible because Onapsis has worked with thousands of global organizations and has more data than anyone else in this space,” said Mariano Nunez, CEO and co-founder of Onapsis. “The expansion of the Onapsis portfolio will provide our customers with critical security capabilities and access to threat intelligence that will greatly enhance their security posture and help them achieve cyber resilience through better risk-driven decision-making, especially as the threat landscape and economic climate become increasingly more volatile.”


The Next Best Thing to Having an Onapsis Expert in Your Security Operations Center (SOC)

Since 2009, Onapsis has worked with thousands of the world’s leading brands and thousands of the largest global organizations to help secure the most critical systems powering the economy. As the undisputed market leader, Onapsis has accumulated a vast, unique, and proprietary knowledgebase of data from security engagements over the past 14 years. With the introduction of the Onapsis Security Advisor, Onapsis is leveraging this deep treasure trove of data and pairing it with advanced machine learning to create a solution that will transform the way clients can make security decisions with the Onapsis Platform. Unlike other vendors’ offerings, this is not reporting or an “executive dashboard”. The Security Advisor leverages the accumulated “best security practices” of thousands of the world’s leading organizations to:

  • Identify gaps in visibility and areas for improvement
  • Highlight areas of unaddressed risk
  • Track effectiveness of response over time
  • Benchmark an organization against others and chart progress
  • Provide highly personalized guidance and insights based on a client’s unique landscape
  • Help security and business leaders better communicate security progress to their leadership and the board.


Reducing the Complexity of Securing Custom Code and Applications

Onapsis has found that the average company has two million lines of custom code within their SAP system with a potential issue present every thousand lines. It’s imperative that organizations take steps to ensure their code is clean, especially before migrating to the SAP S/4HANA cloud. Doing so helps protect their business-critical applications and prevent disruption or costly downtime. Onapsis Control helps AppDev teams “shift left” and embed DevSecOps best practices into their development processes. Onapsis is proud to launch two new versions of Control:

  • Control Central 2.0 is now generally available. This new zero-footprint architecture for Control centralizes policy management and drastically reduces deployment time and maintenance. It’s ideal for ABAP development teams working out of ABAP Workbench to streamline code security.
  • Control for Code 5.4 is the latest version of Onapsis Control, adding a large number of new and updated test cases, enhanced support capabilities, and a new, out-of-the-box (OOTB) One-Click Fix designed to autofix the most common code errors in development. This helps development and quality assurance teams save valuable time, money, and energy.   

On the production side, Onapsis is also launching Assess for Code, a new premium add-on license that expands Assess capabilities by giving organizations valuable insight into vulnerabilities, mis-authorizations, and other security issues found in custom code and applications in their production environments. Onapsis Assess for Code helps identify and mitigate these issues before they become larger problems in production. InfoSec teams can use this to understand the effectiveness of their DevSecOps programs during the software development lifecycle (SDLC) and ensure greater security accountability with the AppDev teams. Together, Assess for Code and Control help organizations better secure custom code, from development to production.


Optimizing Security and Compliance

To further simplify compliance efforts, Onapsis is proud to announce the latest version of Onapsis Comply with new and updated content along with new “a la carte” right-sized packaging, allowing clients to consume only what they need for compliance. Onapsis Comply also integrates with SAP Process Control, further streamlining GRC efforts by preloading compliance policies into the SAP GRC tool.

Additionally, Onapsis Research Labs continues to enrich and infuse the Onapsis Platform with their unique threat intelligence and insights. Onapsis is proud to announce new updates to Onapsis’ Threat Intel Center and Network Detection Rule Pack, including support for the recent P4CHAINS family of vulnerabilities. Additionally, new and enhanced machine learning models that power Onapsis’ anomaly scoring and Security Advisor capabilities are rolling out across the Onapsis Platform. Unlike other vendors, the Onapsis Network Detection Rule Pack is vendor-agnostic, meaning clients aren’t locked into one network security vendor and have greater choice and flexibility when it comes to deploying ORL-powered IDS/IPS rules.

Join the Onapsis team at RSA Conference 2023 from April 24-26 at the San Francisco Moscone Center, Booth N-5434, to learn more about these latest product enhancements as well as how Onapsis is continuing to lead the way in protecting organizations’ most important business assets. Onapsis will also be partnering with NextGen Cyber Talent, a non-profit that educates underprivileged and underserved talent in cybersecurity, during this year’s conference and will be accepting donations at the booth.

For more information on Onapsis and its market-leading business application solutions, please visit: https://onapsis.com/


About Onapsis

Onapsis protects the business applications that run the global economy. The Onapsis Platform delivers vulnerability management, change assurance, and continuous compliance for business applications from leading vendors such as SAP, Oracle, and others. The Onapsis Platform is powered by the Onapsis Research Labs, the team responsible for the discovery and mitigation of more than 1,000 zero-day vulnerabilities in business applications.

Onapsis is headquartered in Boston, MA, with offices in Heidelberg, Germany and Buenos Aires, Argentina, and proudly serves hundreds of the world’s leading brands, including close to 30% of the Forbes Global 100, six of the top 10 automotive companies, five of the top 10 chemical companies, four of the top 10 technology companies, and three of the top 10 oil and gas companies.

For more information, connect with Onapsis on Twitter or LinkedIn, or visit https://www.onapsis.com.

SAP and other SAP products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of SAP SE in Germany and other countries. Please see https://www.sap.com/copyright for additional trademark information and notices.

Request a Demo from Onapsis

Ready to eliminate your SAP cyber security blindspot?

Let us show you how simple it can be to protect your business applications.

Request a demo