Upgrading SAP Security with Onapsis Research Labs

190 results

  1. Artificial Intelligence Exploits Vulnerabilities in Systems with an 87 percent Success Rate

    Based on a newly released paper published by researchers at the University of Illinois, Artificial Intelligence agents can combine large language models with automation software to autonomously analyze and exploit security vulnerabilities. During the research, OpenAI’s GPT-4 large language model was able to successfully exploit 87 percent of vulnerabilities when provided with a CVE advisory…

  2. Discovering and Patching SAP Vulnerabilities with Onapsis

    Cybersecurity threats are pervasive and constantly evolving. New technologies come with unforeseen gaps that malicious actors can exploit. This can lead to significant financial and reputational harm that enterprises may take years to recover from. Fortunately, companies do not have to contend with these vulnerabilities alone. Cybersecurity leader Onapsis recently highlighted two significant potential security…

  3. FBI and CISA Issue Alert for Threat Actors Actively Exploiting SQL Injection Vulnerabilities

    The FBI and CISA issued an alert this week to urge organizations to urgently address SQL injection vulnerabilities in software.

  4. The Invoker Servlet: A Practical Case for Protecting Your SAP Systems from Vulnerabilities

    Learn the steps to take to close the security gap potentially opened in SAP systems by the Invoker Servlet vulnerability. Key Concept: On May 11, 2016, the Department of Homeland Security (DHS) issued the first-ever United States Computer Emergency Readiness Team (US-CERT) Alert (TA16-132A) for SAP applications. This CERT Alert was issued due to multiple…

  5. Reinforcing SAP Security Controls in a Landscape of Vulnerabilities

    Advanced persistent threats, bugs like RECON, and even your insiders pose a growing challenge in securing SAP. Are your existing roles and controls enough to stop these threats? Likely not. While sufficient from a governance perspective, organizations must do more to combat threats that are circumventing existing measures. In this session, learn how you can…

  6. Preventing SAP Security Vulnerabilities

    The move to SAP S/4HANA comes with its own set of challenges. As SAP landscapes evolve to support business-critical processes with enhanced controls for managing and monitoring, there is an increased need for comprehensive approaches and platforms that cover all aspects of security, including data and application to detect complex cyberattack patterns and anomalies in…

  7. The Power of Prevention

    The onset of COVID-19 in 2020 ushered in a new workforce paradigm in which normal security patching operations were left vulnerable to cyberattacks. Today’s remote, cloud-based environment requires a level of security awareness and prevention that brings together SAP, customers and external security researchers. Aditi Kulkarni, Product Security Senior Specialist for SAP Labs India, provides a…

  8. Vulnerability Management: A Cybersecurity Strategy That Pays Dividends

    In today’s rapidly evolving digital landscape, understanding the importance of vulnerability management is paramount. With interconnected systems and the escalating threat of cyberattacks, taking proactive measures to identify, prioritize, and address vulnerabilities is crucial for safeguarding your organization’s assets and reputation. Discover how implementing a comprehensive vulnerability management solution, such as Vulnerability Management by oXya,…

  9. How to Protect Your Data from Today’s Biggest Cybersecurity Threats: Q&A on Managing Security in Your SAP Landscape

    Modern enterprises are facing a perfect storm of increasingly sophisticated technology, changing regulations, and cybersecurity attacks that are rapidly growing in their scale, scope, and speed. In today’s technology landscape, cloud and mobile connectivity to SAP systems demand more than just network firewalls and perimeters to effectively protect your applications, and auditors and compliance managers…

  10. The Missing Link: Compliance at the Code Level

    Establishing security processes, developer training, and tools right from day one of development projects leads to initially higher investments. However, the savings resulting from lower cost for corrections and lower risk for cyber attacks in the final product are going to outweigh the initial investments substantially. See some examples of insecure code issues and some…