Back to Vendor Directory

Onapsis

As the only cybersecurity and compliance Endorsed App from SAP, Onapsis protects the business applications that run the global economy. The Onapsis Platform delivers vulnerability management, change assurance, and continuous compliance for business applications from leading vendors such as SAP, Oracle, and others. Our solutions are powered by Onapsis Research Labs, the team responsible for the discovery and mitigation of more than 1,000 zero-day vulnerabilities in business applications. Trusted by 30% of the Forbes Global 100, we are the market leader to accelerate your SAP initiatives securely.

Featured Products

  • The Onapsis Platform

    The Onapsis Platform provides unprecedented visibility into business-critical SAP and Oracle applications.

  • Threat Monitoring & Pre-Patch Protection

    Onapsis Defend - SAP Threat Monitoring & Pre-Patch Protection. Gain an early warning system for unauthorized changes, sensitive data access, misuse, or cyberattacks targeting business-critical SAP applications. Get real-time intel so you can respond faster and prevent serious damage.

  • Attack Surface Management

    Onapsis Assess - Complete ERP Attack Surface Management. Discover vulnerabilities across your critical ERP application landscape and get the risk-based guidance you need to better prioritize and respond faster to issues posing the greatest threats to your business.

Featured Content

  • Ch4tter: Threat Actors Attacking SAP for Profit

    New Intelligence to Protect SAP from Ransomware and Data Breaches, Onapsis and Flashpoint have joined forces to level the playfield, revealing how threat actors are attacking SAP applications. Download our report or listen to our recent webinar

  • SAP GRC Cloud IAG Identity Access Governance Live Demo image

    Don’t Wait Until It’s Too Late

    This article shares insights from SAP experts on what gets in the way of security patching, considerations to keep in mind when migrating to SAP S/4HANA, and best practices for building a security patching framework.

Multimedia Center

  • Onapsis

    Protecting the global economy, one business application at a time.

  • The Defenders Digest

    Everything you need to know in the world of ERP security with The Defenders Digest. Hear directly from Paul Laudanski & JP Perez-Etchegoyen of Onapsis Research Labs as they chat through monthly highlights and need-to-know information around SAP and Oracle security.

Articles / Case Studies / Videos

  • Onapsis

    A Year in Review with Onapsis Research Labs: Insights to Inform your 2024 ERP Security Strategy

    Reading time: 2 mins

    The A Year in Review with Onapsis Research Labs webinar is for SAP users to gain insights from industry experts for 2023 trends.

  • SAPinsider Buyers Guide: Cybersecurity

    Reading time: 1 mins

    Cyberattacks and cybercrime continue to increase in frequency. In SAPinsider’s 2022 Benchmark Report on Cloud Security Trends for SAP Customers, nearly two thirds of respondents indicated their organization had experienced an incident targeting one of their cloud service providers. While these attacks may not always directly affect SAP systems, in an environment of increased digital…

  • Three Initiatives to Secure Digital Transformation Projects

    Reading time: 2 mins

    Digital transformation projects often face challenges when it comes to migrating custom code applications to S/4HANA with Rise with SAP.

  • RISE to the Occasion – Webinar

    As part of RISE with SAP, customers benefit from high-caliber, secure cloud infrastructure and various security services managed by SAP. However, it’s important to remember that there are areas of security that are NOT covered by SAP that you will have to manage yourself.

  • SAP Cyber Hygiene Practices to Protect Your Enterprise’s Business Goals

    In the new technological landscape, nothing is ever internal-only or running on a secure system—including SAP. Hear how using Onapsis as a customer can successfully create a vulnerability management.

  • The Defenders Digest – June 2023

    The Defenders Digest – ERP Security News from Onapsis Hear directly from Paul Laudanski & JP Perez-Etchegoyen of Onapsis Research Labs as they chat through monthly highlights and need-to-know information around SAP and Oracle security. What can you expect once a month? Original threat research, analysis and insights from the Onapsis Research Labs team Industry…

  • The Defenders Digest – July 2023

    The Defenders Digest – ERP Security News from Onapsis Hear directly from Paul Laudanski & JP Perez-Etchegoyen of Onapsis Research Labs as they chat through monthly highlights and need-to-know information around SAP and Oracle security. What can you expect once a month? Original threat research, analysis and insights from the Onapsis Research Labs team Industry…

  • The Defenders Digest – August 2023

    The Defenders Digest – ERP Security News from Onapsis Hear directly from Paul Laudanski & JP Perez-Etchegoyen of Onapsis Research Labs as they chat through monthly highlights and need-to-know information around SAP and Oracle security. What can you expect once a month? Original threat research, analysis and insights from the Onapsis Research Labs team Industry…

  • The Defenders Digest – September 2023

    The Defenders Digest – ERP Security News from Onapsis Hear directly from Paul Laudanski & JP Perez-Etchegoyen of Onapsis Research Labs as they chat through monthly highlights and need-to-know information around SAP and Oracle security. What can you expect once a month? Original threat research, analysis and insights from the Onapsis Research Labs team Industry…

  • The Defenders Digest – October 2023

    This month’s Defenders Digest features insights from JP and Paul specifically around Cybersecurity Awareness Month and Patch Tuesday. What can you expect once a month? Original threat research, analysis and insights from the Onapsis Research Labs team Industry news surrounding ERP application protection Educational security and compliance content

  • Onapsis Assess Baseline – Solution Brief

    Reading time: 1 min

    Jump start your SAP application security.

  • S/4HANA Infographic

    Reading time: 1 min

    Security has traditionally been a blocker for digital transformation projects. But, it doesn’t have to be with the right partner. View this infographic to see more.

  • Onapsis Assess Overview Video

    Complete ERP attack surface management.

  • Onapsis Defend Overview Video

    SAP threat monitoring & pre-patch protection.

  • Onapsis Control Overview Video

    Shift left and accelerate digital transformation.

  • Onapsis Comply Video

    Automatically audit IT controls across your SAP.

  • Onapsis Security Advisor Overview Video

    Accelerate your SAP security journey with AI-Powered, tailored guidance based on 14+ years of SAP and cyber experience.

  • Onapsis Debuts New AI to Boost S/4HANA, RISE and BTP Security

    Reading time: 2 mins

    Onapsis unveils new enhancements to its AI-driven Security Advisor and Broader Platform to advance greater SAP visibility.

  • Onapsis Security

    Onapsis and SNOPUD Team Up on SAP Security Solutions

    Reading time: 1 mins

    Onapsis has partnered with Snohomish County Public Utility District (SNOPUD) to provide SAP security and threat intelligence solutions.

  • tech execs

    How Tech Executives are Leading Organizational and Technology Change – CIO Benchmark Research

    Reading time: 1 mins

    Change has come in many forms for business and tech execs across all industries. Geopolitical events, market forces, changing consumer behavior, and commodity price fluctuations have all put various pressures on decision makers. Add to the fact that technology is rapidly evolving and transitions to new solutions such as SAP S/4HANA and the Cloud have…

  • How Business Leaders are Scaling Platforms and Innovation

    Reading time: 1 mins

    How Business Leaders are Scaling Platforms and Innovation Businesses today are driven to innovate by the pressure to achieve real-time analysis and insights. In response to dynamic requirements from customers and a desire to be agile and future-ready, they are moving to the cloud, to software-as-a-service environments, and adopting new technologies such as SAP S/4HANA.…

  • SAP change management automation – Why? image

    On-Demand: How Leaders Manage Organizational and Technological Change on the Path to S/4HANA and the Cloud

     
     

    How Leaders Manage Organizational and Technological Change on the Path to SAP S/4HANA and the Cloud Change and transformation have become clichés in today’s discussion of business and technology challenges. Leaders have never had to manage such a mix of economic, market, and geopolitical pressures. This has forced executives to rapidly renovate their core infrastructure…

  • Getting Ready for the SEC’s Proposed Rules on Cybersecurity

    Reading time: 8 mins

    Learn how to accommodate the potential new rules proposed by the SEC in March of 2020. The National Institute of Standards and Technology (NIST) had released its publication on Integrating Cybersecurity and Enterprise Risk Management (ERM). The intent highlighted there was to help organizations better “identify, assess, and manage their cybersecurity risks in the context…

  • security

    Cloud Security Fundamentals

    Reading time: 6 mins

    SAP workloads are moving to the cloud at an accelerating rate, with 50% of those currently running on-premise likely to move in the next two years. While some will go into software-as-a-service environments, the bulk of SAP workloads moving to the cloud will go into infrastructure-as-a-service environments. This type of environment requires a different approach…

  • Recap of “Evolving Your SAP Security and Compliance Strategy in the Era of Cloud and SAP S/4HANA”

    Reading time: 3 mins

    By Annie Kennedy, Associate Conference Producer Jason Fruge (JF), Vice President, Business Application Cybersecurity at ‎Onapsis, was the expert in the Q&A titled “Evolving Your SAP Security and Compliance Strategy in the era of Cloud & SAP S/4HANA,” which aired live on day 1 of SAPinsider’s 2020 Virtual Conference Experience. Although Jason is a more than 20-year security practitioner,…

  • The Secure Transformation to SAP HANA

    Reading time: 1 mins

    Is SAP HANA really the new big thing? Developed in 2008 by the Hasso Plattner Institute and Stanford University, SAP HANA was introduced in 2010—in the same year as the iPad. It’s hard to imagine our lives without the latter, but the adoption of SAP HANA technology is advancing much more slowly. SAP has approximately…

  • cybersecurity

    High Profile Vulnerabilities in SAP Applications and How to Be Prepared

    Reading time: 7 mins

    Enterprise software is complex due to its nature and interconnectivity to business processes. On top of that, software is created by humans, which means that vulnerabilities are inevitable. Those affect SAP technology will ultimately impact the business and should be properly managed from a risk perspective. This article, written by a cybersecurity expert, explains a…

  • Simply Securing a System Is No Longer Sufficient

    Reading time: 5 mins

    By Robert Holland, VP Research, SAPinsider Securing an SAP system used to involve checking access and process controls and ensuring that the most recent SAP Notes had been applied. Now it involves not only ensuring that the system itself is up to date but must address cybersecurity and compliance issues as well. The Threat Landscape…

  • Security Notes

    Onapsis Partners with SNOPUD to Safeguard SAP Applications and Ensure Uninterrupted Services for Utilities Customers

    Reading time: 1 mins

    Onapsis, a business application security leader based in Boston, has partnered with Snohomish County Public Utility District (SNOPUD) to enhance SAP security and threat intelligence through the Onapsis Research Labs (ORL). SNOPUD aims to bolster its SAP security as it implements the Connect Up program, a three-year initiative to upgrade meters in homes and businesses.…

  • Clovity

    SAP Security Patch Day June 2023: Cross-Site Scripting Takes Center Stage

    Reading time: 2 mins

    In June, SAP released thirteen new and updated patches, with four of them categorized as High Priority Notes. The main focus of these patches was on addressing Cross-Site Scripting (XSS) vulnerabilities in various components. Eight notes specifically targeted XSS vulnerabilities, while two High Priority Notes (#3326210 and #3324285) focused on the SAPUI5 component. Additionally, Onapsis…

  • Discovering and Patching SAP Vulnerabilities with Onapsis

    Reading time: 2 mins

    Cybersecurity threats are pervasive and constantly evolving. New technologies come with unforeseen gaps that malicious actors can exploit. This can lead to significant financial and reputational harm that enterprises may take years to recover from. Fortunately, companies do not have to contend with these vulnerabilities alone. Cybersecurity leader Onapsis recently highlighted two significant potential security…

  • Managing Risk in the Cloud with Global Apparel Manufacturer Gains Visibility and Threat Intelligence for SAP HEC

    Reading time: 1 min

    A large international apparel manufacturer running multiple independent, in-house SAP systems around the world wanted to implement an additional system to cover new geographical regions, but this time running on the SAP HANA Enterprise Cloud (HEC).   Download the Apparel Manufacturer Case Study

  • Customer Success Story: A leading European technology trading group mitigates SAP Cyber security risks with managed service from 1DigitalTrust

    One of Europe’s leading technology trading groups within products and systems for industrial applications has secured its SAP systems all over Europe with an Onapsis cybersecurity solution delivered by 1DigitalTrust as a managed service to avoid expensive downtime to its business.   Download Customer Success Story Here

  • Case Study: Time To Build Secure, Compliant, SAP Applications

    A global chemical company relies on SAP for their business-critical applications and leverages custom code development to support their organization. However, the organization struggled to keep up their development cycles at a pace that aligned with the speed of their business. A manual code review process with no way to check transports for errors, led…

  • Cybersecurity Threats to SAP Systems 2023

    Reading time: 1 mins

    In 2023, the focus of cybersecurity strategies for SAP systems shifted away from ransomware and malware attacks to addressing unpatched systems, concentrating on addressing system vulnerabilities over attack vectors. Exploring the details behind these changes, SAPinsider revealed some interesting in year-over-year trends during its third year of research on cybersecurity threats. Increasing regulatory compliance requirements,…