The Onapsis Security Platform is the first SAP cyber-security solution that combines vulnerability, compliance, detection and response capabilities that traditional security solutions do not provide.
Through continuous monitoring, the Onapsis Security Platform (OSP) delivers a near real-time preventative, detective and corrective approach for securing SAP systems and applications whether deployed on-premise, or in a private, public or hybrid cloud environment. The Onapsis Security Platform provides unmatched coverage and protection with context-aware insight across SAP NetWeaver, ABAP, J2EE, HANA, and S/4HANA platforms. The platform integrates with network security, security management, SIEM solutions and workflows as well as leading cloud providers. Specific alarms can be sent and windows of vulnerability can be closed as detection and response actions are automatically triggered, including both alerting and actionable mitigation capabilities. The Onapsis Security Platform also enables customers to securely migrate to cloud environments by seamlessly integrating into private, public or hybrid deployments.
- Identifies all SAP infrastructure and generate graphical topology maps showing the connections between systems and applications.
- Assesses risks based on vulnerabilities and tie business context into remediation planning processes.
- Performs audits to identify compliance gaps and enforce requirements based on internal policies and industry regulations.
- Ensures continuous monitoring of threats against the SAP infrastructure whether on-prem, or in a private, public or hybrid cloud environment.
- Provides visibility into attacks, with context, to determine if the attack is likely to be successful.
- Leverages Vulnerability and Compliance results to determine the likelihood and impact of threats against SAP systems.
- Delivers attack signatures to respond to anomalous activity.
- Delivers protection against SAP vulnerabilities for which an SAP security patch/note has not yet been released, to shield the systems against advanced targeted attacks.
- Receives a direct feed of the latest vulnerabilities found and confirmed by the Onapsis Research Labs.
- Detects attempts to exploit zero day vulnerabilities.
Onapsis Security Platform Architecture
The Onapsis Security Platform provides the underlying framework for all Onapsis Solutions to run on top of. All Onapsis solutions can be incorporated into your existing vulnerability management programs and risk/threat detection processes. Key capabilities include:
- Web-based user interface
- Multi-user with role based access
- Private, public or hybrid cloud ready
- Distributed architecture design
- Secure storage and communication of sensitive data
Onapsis has been issued U.S. Patent No. 9,009,837 entitled “Automated Security Assessment of Business-Critical Systems and Applications,” which describes certain algorithms and capabilities behind the technology powering the Onapsis software solutions.
We realized that SAP security is more than just profiles, roles and access rights, and that we needed to cover SAP vulnerabilities at all layers.
Overall, we found Onapsis to be a very advanced example of what a large-scale ERP security auditing system should be.