Onapsis Resources
Access our in-depth hub of resources on ERP security reports, webinars, podcasts, and more.
Cybersecurity for SAP – Rethinking Risk, Readiness, and Resilience
Watch the authors of “Cybersecurity for SAP”, JP Perez-Etchegoyen and Gaurav Singh, as they talk you through their book and explore how to assess real-world threat scenarios, system-level vulnerabilities, and develop tools for a more robust enterprise cybersecurity strategy.
ASUG Talks Roundtable: Cybersecurity in the Cloud
As SAP customers migrate to the cloud, cybersecurity is a critical component of those transformation projects. Moving your IT ecosystem and sensitive organizational data from bare-metal, on-premises environments into the cloud requires a dedicated security approach, especially as threat actors’ efforts grow more sophisticated. In this ASUG Talks Roundtable, we dig into how enterprises should…
SAP a l’heure du Cloud : Comprendre et appliquer le modèle de responsabilité partagée
Sécurisez SAP dans le cloud et comprenez le modèle de Responsabilité Partagée de RISE avec Onapsis.
SAP Cybersecurity Q&A with Authors Gaurav Singh and Juan Perez-Etchegoyen
Authors Gaurav Singh and Juan Perez-Etchegoyen recently took part in the SAP PRESS Book Club webinar series, where they answered reader questions about cybersecurity for SAP over the course of an hour.
Executive Threat Overview: Critical Zero-Day SAP Vulnerabilities Under Active Global Exploitation
By exploiting these vulnerabilities, unauthenticated threat actors can gain unrestricted remote access to SAP business-critical data and
Threat Briefing Report: Critical SAP Vulnerabilities (CVE-2025-31324 and CVE-2025-42999) Under Active Mass Exploitation
This consolidated threat advisory [TLP:CLEAR] is provided to support defenders in their assessment of exposure and compromise against the active mass exploitation of SAP security vulnerabilities CVE-2025-31324 and CVE-2025-42999.
Securing SAP in the Cloud: Best Practices to RISE Above for Enterprise Success
Discover key insights, gain actionable advice, and empower your organization to navigate the cloud securely during this conversation with industry experts from Onapsis and Capgemini. Join us for an educational conversation where we delve into the world of SAP security in the cloud. As enterprises increasingly migrate their SAP systems to the cloud, it becomes…
Critical SAP Zero-Day Vulnerability Under Active Exploitation (CVE-2025-31324)
Active exploitation against a zero-day vulnerability in SAP systems in the wild. Evidence of active attacks against this vulnerability has been observed by ReliaQuest, Onapsis Threat Intelligence, and confirmed by multiple IR firms in recent active investigations. SAP published an emergency security patch on April 24, 2025 to address this issue. The vulnerability is of…
Onapsis and Mandiant: Latest Intelligence on Critical SAP Zero-Day Vulnerability (CVE-2025-31324)
SAP defenders were briefed on an active exploitation campaign targeting a critical CVSS 10.0 vulnerability (CVE-2025-31324). The attack campaign was executed against SAP systems around the world. Thanks to rapid response from SAP, a security patch was released quickly. However, the ongoing impact of this orchestrated attack campaign remains far-reaching and the threat of further…