Active SAP Exploitation Activity Identified by Onapsis, CISA & SAP

The Onapsis Research Labs continuously monitors the evolving SAP threat landscape to rapidly identify elevated risk, trending threat behavior and activity, and vulnerabilities that are being leveraged by attackers to compromise business applications. The Onapsis Research Labs observed active exploitation attempts against three existing and previously patched SAP vulnerabilities. These vulnerabilities are remotely exploitable through the HTTP(s) protocol and have publicly available exploits and PoCs which facilitate its exploitation. This session with SAP, CISA and Onapsis covers the latest developments in the Threat Landscape for SAP business-critical applications, including:

• The assets organizations can leverage from CISA to help with securing application
• Which vulnerabilities are currently being exploited by threat actors
• Tactics and behaviors that threat actors may exhibit when exploiting these vulnerabilities on unpatched SAP applications
• How you can leverage Onapsis technology to protect your SAP applications