Press Release

Onapsis Appoints Dave DeWalt as Vice Chairman to Board of Directors on Heels of Record 2019 Growth

Onapsis Drives 157% New Annual Recurring Revenue Growth; Customer Base Reaches 20 of Fortune 100 Enterprises; More than 800 Business Application Zero-Day Vulnerabilities Discovered by Onapsis Research Labs

BOSTON – January 22, 2020Onapsis™, the leader in business application protection, today announced the appointment of Dave DeWalt as Vice Chairman to its board of directors. The strategic addition to the Onapsis board immediately follows the company closing a record year of progress, highlighted by 157% year-over-year growth in new annual recurring revenue, 257% growth in expansion revenue, and 90% gross retention rate. Additionally, the Onapsis Research Labs continues to showcase commitment to business-critical application vulnerability research, having discovered and helped mitigate more than 800 zero-day vulnerabilities in SAP and Oracle applications since the company was founded in 2009.  

As the former FireEye and McAfee CEO, DeWalt brings strong experience as a proven industry executive, advisor and investor who has led startups to the Fortune 500. DeWalt helped create more than $20 billion of shareholder value during his more than 15 years as president and CEO of three major companies. As CEO and founder of NightDragon Security, a dedicated cybersecurity investment and advisory firm, he serves as a board member in some of the most innovative companies, including Delta Airlines, Five9, ForeScout, iboss, Cybereason, CallSign, Claroty, Team8, DataTribe, Illusive Networks and Optiv.

“Onapsis is at the forefront of eliminating one of the greatest risks to enterprises today─business-critical applications,” said DeWalt. “Billions of dollars have been spent on securing custom web and mobile applications, as well as solutions to protect corporate networks and assets, yet the off-the-shelf packaged applications that power an organization’s core operations and functions remain seriously exposed. As ERP, CRM, PLM, HCM, SCM and BI applications from SAP®, Oracle®, Salesforce.com®, Workday® and other SaaS platforms are modernized and adoption grows, optimization and protection solutions will become a fundamental requirement.”  

Onapsis’s customer base now totals 300+ global enterprises that include more than 20% of  Fortune 100 companies, six of the top 10 automotive companies, five of the top 10 chemical companies, four of the top 10 technology companies and three of the top 10 oil and gas companies. Additional Onapsis 2019 highlights include:

  • Strong revenue growth, including 157% net new annual recurring revenue, 257% expansion annual recurring revenue and 90% customer retention rate
  • Acquisition of SAP cybersecurity firm Virtual Forge to expand The Onapsis Platform to include custom code and change management protection capabilities
  • The discovery of 66% of the critical vulnerabilities patched by Oracle in EBS, 60% of SAP HANA Security Notes, and the eclipse of 800 business-critical application zero-day vulnerabilities reported and mitigated in partnership with SAP and Oracle
  • The discovery and mitigation of 10KBLAZE, a critical SAP exploit that can lead to full compromise of vulnerable SAP systems at over 50,000 companies across the globe
  • The warning and mitigation of Oracle PAYDAY, a critical Oracle EBS exploit that could allow hackers to gain untraceable control of electronic fund transfers and print malicious bank checks without detection for up to 21,000 companies worldwide
  • Recognition from Deloitte as one of the fastest growing technology companies in North America for three consecutive years (2017, 2018, 2019)
  • Key additions to the senior leadership team including Anshuman Kanwar as General Manager of Products and Technology, Annabel Lewis as Chief Legal Officer, Lynn Shintani as Vice President of Human Resources and Jason Fruge as Vice President of Business Application Cybersecurity
  • Appointment of Gerhard Eschelbeck, former CISO with Google, to the Onapsis board of directors to support the company’s cloud-based business application protection strategy
  • The release of “ERP Security: The Reality of Business Application Protection” with IDC, which found that 64% of ERP deployments have been breached in the last 24 months

“In 2019, we celebrated our first decade in business with our most successful year in the company’s history. Our achievement of triple-digit revenue growth and partnerships with some of the industry’s most recognized brands solidified the importance of business-critical application protection,” said Mariano Nunez, CEO and Co-founder, Onapsis. “Welcoming Dave as Vice Chairman of our Board of Directors is the perfect way to kickoff 2020. He is a world-class leader and operator whose blend of experience and expertise will undoubtedly help us expand our market leadership. I look forward to working with Dave to further catalyze our growth and deliver on our mission of protecting the business-critical applications that power the global economy.

Read more from Mariano Nunez about Onapsis’s year in 2019 and a look into 2020 on the company blog.

With over 92% of the Global 2000 using SAP or Oracle and 77% of the world’s revenue touching these business applications, Onapsis is focused on enabling organizations to continuously monitor ERP, CRM, PLM, HCM, SCM and BI applications from SAP®, Oracle®, Salesforce.com®, Workday® and other SaaS platforms for vulnerabilities and compliance gaps across cloud and on-premises deployments. The Onapsis Platform delivers advanced optimization and protection and is backed by the added power of the Onapsis Research Labs─a dedicated team that detects and shares information regarding threats and vulnerabilities to leading business application systems.

Onapsis is the first and only company to offer a complimentary Business Risk Illustration assessment. The Onapsis Business Risk Illustration provides valuable insights into the existing risk posture of an organization’s business-critical applications, such as SAP and Oracle EBS, custom code and systems. The assessment measures the severity of misconfigurations and vulnerabilities and the risk they pose to the business, providing compliance, IT and security leaders quantitative data that allows them to more effectively communicate and manage business and cyber risk. Learn more about the Onapsis Business Risk Illustration assessment program here.