At Onapsis, we’re not only solution leaders—we’re also thought leaders. Here you’ll find a growing library of materials to help you build your cyber resilience strategy. The more light we can shed on business-critical application security and compliance, the better you can drive your business forward, confidently.

Volume XI: SAP End-User Tools: The Weakest Link to Sensitive Data

Please fill out the form to download.

When thinking of SAP security we tend to always think of SAP servers and pay little attention to the tools used by end-users that connect to most of our SAP Systems, as well as the way those tools are used. Outside the SAP security world it is well accepted that attackers are no longer targeting servers directly, but rather are focusing on client-side attacks which could potentially allow escalation to the servers. During the last year, several malware attacks targeting SAP systems were discovered but received little attention in the moment of discovery.

SAP End-User Tools: The Weakest Link to Sensitive Data analyzes multiple weaknesses that could affect end-user applications related to SAP such as the SAPGUI client, and other tools that are commonly used by SAP end-users. Additionally this publication specifies which sensitive data and credentials could be stolen, and outlines the context in which these weaknesses could be exploited. Each weakness is explored in detail with advice on workarounds and fixes.

Request a
Business Risk Illustration


Prevent application downtime and costly business disruption

Request an Assessment

Eliminate resource consuming manual audit processes

Request an Assessment

Reduce vulnerabilities and misconfiguration to protect the business

Request an Assessment