SAP & Onapsis White Paper

Mitigating the Threat of Ransomware to Business-Critical SAP Applications

As more reports of ransomware affecting enterprise organizations populate the headlines, customers of both SAP and Onapsis have inquired around guidance and best practices to help them prepare and protect their business-critical SAP applications from ransomware attacks.

These are valid concerns, because with so much relying on these critical SAP systems, any ransomware attack affecting SAP applications could have significant impact on the business.

This document by Onapsis and SAP is our joint effort to introduce our customers to this topic and summarize steps they can take today to protect business-critical systems and mitigate this very real threat. This white paper covers:

The SAP application vulnerabilities most commonly exploited by threat actors
10 preventive controls to consider as part of a ransomware security strategy
Best practices for detective and reactive controls specific to endpoint detection and response (EDR) and backups
The 4 stages of responding to a ransomware attack

Safeguarding Tomorrow: Empowering SAP Customers with Advanced Cyber Risk Management

Securing SAP Business Technology Platform (BTP)

The Book on Cybersecurity for SAP

Critical SAP Zero-Day Vulnerability Under Active Exploitation (CVE-2025-31324)

Your S/4HANA Cloud Journey

Mitigating the Threat of Ransomware to Business-Critical SAP Applications