Press Release

Onapsis to Demonstrate Best Practices for ERP Security with Multiple Events during Black Hat USA 2017

Boston, MA – July 6, 2017 – Onapsis, the global experts in SAP and Oracle application cybersecurity and compliance, today announced that the company will have a significant presence at the 2017 Black Hat USA Conference in Las Vegas, Nevada from July 22-27, 2017. During this event, Onapsis will be showcasing the latest research available in the business-critical application security market booth #116; hosting ERP training sessions; and presenting on the evolution of SAP HANA Security. Now in its 20th year, Black Hat USA is the world’s leading information security event, providing attendees with the very latest in research, development and trends.

“With the ERP cybersecurity market continuing to mature, attackers are progressing the methods in which they use to gain access to an organization’s most critical information stored in these systems. The training I will be leading during Black Hat is a must attend for anyone looking to learn how to assess their SAP systems for platform-specific vulnerabilities and perform the latest protection techniques,” said Juan Perez-Etchegoyen, CTO, Onapsis.

Additionally, to help organizations better understand how to monitor their SAP HANA environment, Onapsis will be delivering a session “The Evolution of SAP HANA Security.” During this session, Pablo Artuso, Security Researcher, will present on the evolution of SAP HANA Security from its beginning to its latest version, 2.0 which was recently released. He will also present on how Onapsis is helping SAP Secure SAP HANA versions for their customers and discuss the latest vulnerability affecting SAP HANA 2.

“During Black Hat 2017, our goal is to improve the methods organizations are using to secure their ERP systems from advanced attacks. We’ll be focusing on best-practices for identifying existing security gaps, and how to effectively mitigate them to proactively protect critical systems such as SAP, SAP HANA, and Oracle,” continued Perez-Etchegoyen.

Onapsis at Black Hat 2017:

ERP Security Training: Assess, Exploit and Defend SAP Platforms

Trainers: Juan Perez-Etchegoyen, CTO, Onapsis, Julian Rapisardi, Senior SAP Security Specialist, Onapsis

When: July 24-25, 2017

Abstract: This course provides the latest information on SAP-specific attacks and protection techniques. After an introduction to the SAP world (previous SAP expertise is NOT required), you will learn through several hands-on exercises how to perform your own vulnerability assessments and penetration tests of your SAP platform to identify existing security gaps.

The Evolution of SAP HANA Security

Presenter: Pablo Artuso, Security Researcher, Onapsis

When: July 26, 2017 | 3:00pm – 3:50pm

Where: Oceanside E, Level 2

Abstract: During this presentation, we’ll analyze the evolution of SAP HANA security from its beginning to its latest version, 2.0, which was recently released. Attendees will understand how the platform evolved through architectural changes, and vulnerability patch management. This presentation will cover the process of vulnerability discovery and evaluation of fixes including some of the critical bugs uncovered by our research team.

About Black Hat USA 2017

Now in its 20th year, Black Hat is the world’s leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2017 kicks off with four days of technical Trainings (July 22-25) followed by the two-day main conference (July 26-27) featuring Briefings, Arsenal, Business Hall, and more. For more information, please visit https://www.blackhat.com/us-17/.

About Onapsis

Onapsis cybersecurity solutions automate the monitoring and protection of your SAP applications, keeping them compliant and safe from insider and outsider threats. As the proven market leader, global enterprises trust Onapsis to protect the essential information and processes that run their businesses.

Headquartered in Boston, MA, Onapsis serves over 200 customers including many of the Global 2000. Onapsis’ solutions are also the de-facto standard for leading consulting and audit firms such as Accenture, Deloitte, E&Y, IBM, KPMG and PwC.

Onapsis solutions include the Onapsis Security Platform, which is the most widely-used SAP-certified cyber-security solution in the market. Unlike generic security products, Onapsis’ context-aware solutions deliver both preventative vulnerability and compliance controls, as well as real-time detection and incident response capabilities to reduce risks affecting critical business processes and data. Through open interfaces, the platform can be integrated with leading SIEM, GRC and network security products, seamlessly incorporating enterprise applications into existing vulnerability, risk and incident response management programs.
These solutions are powered by the Onapsis Research Labs which continuously provide leading intelligence on security threats affecting SAP and Oracle enterprise applications. Experts of the Onapsis Research Labs were the first to lecture on SAP cyber-attacks and have uncovered and helped fix hundreds of security vulnerabilities to-date affecting SAP Business Suite, SAP HANA, SAP Cloud and SAP Mobile applications, as well as Oracle JD Edwards and Oracle E-Business Suite platforms. Onapsis has been issued U.S. Patent No. 9,009,837 entitled “Automated Security Assessment of Business-Critical Systems and Applications,” which describes certain algorithms and capabilities behind the technology powering the Onapsis Security Platform™ and Onapsis X1™ software platforms. This patented technology is recognized industry wide and has gained Onapsis the recognition as a 2015 SINET 16 Innovator. For more information, please visit www.onapsis.com, or connect with us on TwitterGoogle+, or LinkedIn.

Onapsis and Onapsis Research Labs are registered trademarks of Onapsis, Inc. All other company or product names may be the registered trademarks of their respective owners