Onapsis Announces Enhanced Security Features for SAP BTP

The SAP cybersecurity specialists at Onapsis announced that they have expanded their Control product line to feature a bundle that bolsters the security of SAP Business Technology Platform (BTP). This new solution allows users to automatically scan code for potential threats throughout a number of environments and depositories. The product is available as of Q4 2024.

According to an Onapsis press release, the extension of Control for BTP comes with three key features:

• Code Scanning Across SAP Recommended integrated development environments for BTP: Developers rely on integrated development environments (IDEs) like SAP Business Application Studio (SAP BAS), Visual Studio Code, and Eclipse with ABAP Development Tools. Yet working with these outside sources can sometimes introduce risk. The Control extension scans code for issues or vulnerabilities.
• Inline Security “Spell Check” for Developers: The solution also scans code as it is being written in real-time, helping developers speed-up important projects while reducing risk at the same time. It alerts developers to potential issues while providing helpful solutions to address security risks throughout the development process.
• Centralized Git Repository Scanning: Organizations that rely on Git-based workflows are often bogged down by manual work. The Control for BTP tool allows users to centrally manage security by performing either individual scans or bulk scans across multiple Gits, saving time and reducing manual efforts.

“We’re excited to be the first to market with this comprehensive application security solution for SAP BTP,” said Sadik Al-Abdulla, Chief Product Officer of Onapsis. “SAP’s fiscal Q3 cloud revenue is up 25%, demonstrating growing adoption of its cloud services for SAP S/4HANA as companies look to update and modernize their legacy SAP ECC landscapes. As such, securing code throughout the software development lifecycle has never been more critical. With our expanded code security testing capabilities for BTP, we’re empowering developers to proactively find and fix vulnerabilities, ensuring faster, safer and more successful RISE with SAP projects.”

Meeting the Market

As businesses adopt digital-first strategies, they often face challenges such as the need for rapid innovation and providing seamless experiences for customers and employees alike. The SAP Business Technology Platform (SAP BTP) meets these demands by delivering a comprehensive solution that integrates data management, analytics, AI, application development and automation.

With SAP BTP, companies can drive innovation through tools that enable personalized experiences, accelerated app development, and more efficient enterprise planning. SAPinsider’s Data, Integration, and SAP BTP benchmark research report reveals that 44% of organizations use SAP BTP and 51% use BTP services relate to application development. This includes the ABAP environment (51%), SAP Build (35%), and SAP Build Code (20%).

However, this also presents a problem for developers as projects scale raise concerns about security and integrity of the code as it evolves. Organizations often struggle to identify new security issues, relying on manual reviews—or skipping them altogether. Additionally, the tools available to automate SAP ABAP code reviews are often generic and do not support SAP-specific languages and environments, resulting in teams adopting slow, error-prone manual code reviews.