Press Release

Onapsis Exhibits Solutions for Securing at Risk ERP Systems and Presents Best Security Practices for SAP Systems Password Recovery at Black Hat USA 2018

Leaders in business-critical applications security will be at booth #1601 showcasing the latest research and options for securing organizations’ SAP and Oracle applications.

BOSTON, July 11, 2018Onapsis, the global experts in ERP and business-critical application cybersecurity and compliance, today announced they will exhibit at Black Hat USA 2018 in Las Vegas, Nevada, August 8 – 9. Experts from Onapsis will be at booth #1601 ready to discuss cybersecurity for ERP systems and will also present a speaking session on the latest research from the Onapsis Research Labs.

Following the release of a report detailing recent research providing evidence of cybercriminals targeting business-critical ERP systems, such as SAP and Oracle, Onapsis will showcase solutions to enable organizations to protect their crown jewels. The report, published in conjunction with digital risk management firm Digital Shadows, provides evidence that hacktivists, cyberattackers and nation-state threat actors are actively targeting ERP systems. The research raises awareness around the risks and threats to organizations if they do not have a formal cybersecurity plan for their ERP applications.

The team at Onapsis will be available during Black Hat to schedule a time to discuss the research report, as well as other best practices for securing ERP systems.

Speaking Session Details

Who: Nahuel Sanchez, Security Researcher, Onapsis Research Labs What: Hacking SAP HANA Through its Password Recovery System When: Wednesday, August 8th, 1:50 PM

Session Details: Almost all modern systems implement a password recovery mechanism. Most of these implementations are designed from scratch and do not align to an industry standard, leading to a recipe for disaster. As business-critical application security leaders, the Onapsis Research Labs has been analyzing how the most common vulnerabilities affecting these implementations can affect an ERP environment such as SAP.

During this presentation, the most common problems and errors affecting password recovery systems will be described and a live demonstration of a critical vulnerability affecting SAP HANA Self-Service will be shown.

About Onapsis

Onapsis cybersecurity solutions automate the monitoring and protection of ERP systems SAP and Oracle, keeping these business-critical applications compliant and safe from insider and outsider threats. As the proven market leader, global enterprises trust Onapsis to protect the essential information and processes that run their businesses.

Experts at the Onapsis Research Labs were the first to lecture on SAP cyberattacks and have uncovered and helped fix hundreds of security vulnerabilities to-date affecting SAP Business Suite, SAP HANA, SAP Cloud and SAP Mobile applications, as well as Oracle JD Edwards and Oracle E-Business Suite platforms. This patented technology is well known, industry wide, and has gained Onapsis recognition on the Deloitte Technology Fast-500, as a Red Herring North America Top 100 company and a SINET 16 Innovator.

Headquartered in Boston, MA, Onapsis serves over 200 customers including many of the Global 2000. Onapsis’s solutions are also the de-facto standard for leading consulting and audit firms such as Deloitte, IBM, Infosys and PwC.

For more information, please visit, or connect with us onTwitter,Google+, orLinkedIn.