Onapsis and SAP Partner to Secure Business

Did you know that Onapsis is SAP’s chosen partner for cybersecurity in business-crucial SAP applications?

Hear directly from SAP on how we’re proactively working together to protect the global economy.

New Threat Intelligence | Ransomware | Log4j | ICMAD

April 2021: Onapsis and SAP Partner to Release New Threat Intelligence on Active Threats

In our first joint report, Onapsis and SAP outlined a critical cybersecurity blind spot impacting how many organizations protect their business-critical SAP applications. Our research showed that not only has the threat landscape grown in recent years, but threat actors have gotten more sophisticated using well-known exploits, and the window for defenders has gotten increasingly smaller.

December 2021: Onapsis and SAP Work Together to Protect SAP Applications from Ransomware

There’s one thing that was clear through 2021 and it’s that cybercriminals love a holiday. Cybersecurity and Infrastructure Security Agency (CISA) and the FBI issued a joint alert that threat actors have conducted increasingly impactful attacks against U.S. entities on or around holiday weekends. To prepare our customers for potential attacks over the 2021 holiday season and beyond, SAP and Onapsis outlined several key steps organizations can take to minimize the risk of an attack on their business-critical SAP applications.

January 2022: Onapsis and SAP Share Threat Intelligence on Log4j

Since we became aware of Log4j, Onapsis worked around the clock to understand the impact of this vulnerability on some of the most widely used SAP products. Onapsis and SAP partnered together for a customer session on protecting SAP applications from the threat of Log4j.

February 2022: Onapsis and SAP Partner to Discover and Patch Critical ICMAD Vulnerabilities

Onapsis and SAP partnered on the discovery and mitigation of a set of three vulnerabilities affecting the SAP Internet Communication Manager (ICM) component in SAP business-critical applications. The ICMAD vulnerabilities require immediate attention by most SAP customers. One of the vulnerabilities, CVE-2022-22536, received the highest possible risk score, a 10 out of 10. As a result, CISA has issued a Current Activity Alert. If exploited, these vulnerabilities enable attackers to execute serious malicious activities on SAP users, business information, and processes — and ultimately compromise unpatched SAP applications.

Ready to eliminate your SAP cyber security blindspot?

Let us show you how simple it can be to protect your business applications.

Contact Us

Safeguarding Tomorrow: Empowering SAP Customers with Advanced Cyber Risk Management

Securing SAP Business Technology Platform (BTP)

The Book on Cybersecurity for SAP

Critical SAP Zero-Day Vulnerability Under Active Exploitation (CVE-2025-31324)

Your S/4HANA Cloud Journey