Resources

Volume XI: SAP End-User Tools: The Weakest Link to Sensitive Data

When thinking of SAP security we tend to always think of SAP servers and pay little attention to the tools used by end-users...

Learn More

Publications

Volume X: Pivoting Through SAP Systems

Every organization running SAP to support its business-critical processes has typically implemented several systems in complex...

Learn More

Videos

Onapsis CEO Mariano Nunez interviewed by Richard Stiennon

IT Harvest 2015 Video Interview Series. San Francisco, CA.

Learn More

Publications

Volume IX: Assessing and Defending SAP BusinessObjects

Implementing proper security controls for a BusinessObjects implementation is a complex process. There are a number of moving...

Learn More

Publications

Volume VIII: Transport Management System – Highway to Production

In all SAP implementations there are many reasons why organizations would need to make changes and updates on a regular basis;...

Learn More

Publications

Volume VII: Preventing Cyber-attacks Against SAP Solution Manager

By design the SAP Solution Manager is connected to all SAP systems (i.e. ERP, CRM, BI, etc), making it a critical component...

Learn More

Publications

Volume V: Our Crown Jewels Online – Attacks targeting SAP Web Applications

While the comment, SAP platforms are only accessible internally, was true in many organizations more than a decade ago, today,...

Learn More

Publications

Volume IV: The Invoker Servlet – A Dangerous Detour into SAP Java Solutions

SAP Application Servers Java, supported by the J2EE Engine, serve as the base framework for running critical solutions such...

Learn More

Publications

Volume II: SAP Knowledge Management - The Risks of Sharing

SAP Knowledge Management (SAP KM) is a central component of the SAP Enterprise Portal, enabling the information extracted...

Learn More

Safeguarding Tomorrow: Empowering SAP Customers with Advanced Cyber Risk Management

Securing SAP Business Technology Platform (BTP)

CH4TTER: Threat Actors Attacking SAP Applications

Anatomy of an Attack: C2 Incident on SAP

Your S/4HANA Cloud Journey

Onapsis Resources

Volume XI: SAP End-User Tools: The Weakest Link to Sensitive Data

Volume X: Pivoting Through SAP Systems

Onapsis CEO Mariano Nunez interviewed by Richard Stiennon

Volume IX: Assessing and Defending SAP BusinessObjects

Volume VIII: Transport Management System – Highway to Production

Volume VII: Preventing Cyber-attacks Against SAP Solution Manager

Volume V: Our Crown Jewels Online – Attacks targeting SAP Web Applications

Volume IV: The Invoker Servlet – A Dangerous Detour into SAP Java Solutions

Volume II: SAP Knowledge Management - The Risks of Sharing