Onapsis Resources
Access our in-depth hub of resources on ERP security reports, webinars, podcasts, and more.
Shift Left: Five Reasons Why You Should Extend DevSecOps to Your SAP Environment
What is DevSecOps? It is the integration of security best practices into the application development lifecycle. As digital transformation projects accelerate the creation of new code and applications, security often takes a backseat to business application output. With the average SAP system containing over 2 million lines of custom code, large global enterprises are increasingly…
The ERP Black Box: Five Reasons Why Your Vulnerability Management Program Must Include Your ERP Landscape
Often seen as a “black box” for several reasons, SAP and Oracle application landscapes present significant challenges for modern security professionals, resulting in a layered security approach around critical systems. However, neglecting to include these ERP applications in your vulnerability management program makes your organization more vulnerable to security breaches and data loss. In this…
P4CHAINS: Unpacking the Impact of Vulnerabilities Affecting SAP P4
Onapsis Security Researchers led to the identification of a family of vulnerabilities dubbed ‘P4CHAINS.’
Onapsis Research Labs Briefing: The Latest Threats to SAP Applications July 2023
Join the Onapsis Research Labs for a look back at an extremely active year of threats so far in 2023.
Cyber Tech Talk Features: Eliminating SAP Security Blind Spots with NIST
In this webinar we discuss a strong foundational strategy to protect SAP environments where they are most vulnerable–the application layer.
Watch The Defenders Digest
Hear directly from Paul Laudanski & JP Perez-Etchegoyen of Onapsis Research Labs as they chat through monthly highlights around SAP and Oracle security.
Onapsis Control Central
Application security testing for SAP ABAP applications. Step-by-step remediation instructions and integrations with SAP ABAP developer tools accelerate time to vulnerability identification and remediation. A centralized policy engine enables streamlined deployment and management.
Onapsis Control for Transports
Transport security testing for SAP, including the ability to check development objects, system settings, application configuration, and data within transports. Step-by-step remediation instructions and integrations with development and change management tools identify flawed transport requests. This cannot only prevent system downtime and damage to systems if errors are imported into production but also save associated costs.
Threat briefing – P4CHAINS (en français)
Dans ce webinaire, l’un de nos chercheurs détaillera cette série de vulnérabilités (P4CHAINS) et proposera nos consignes de sécurité pour y remédier.