Onapsis
Onapsis is the global leader in SAP cybersecurity and compliance, trusted by the world’s leading organizations to securely accelerate their SAP cloud digital transformations with confidence. As the SAP-endorsed and most widely used solution to protect SAP, the Onapsis Platform empowers Cybersecurity and SAP teams with automated compliance, vulnerability management, threat detection, and secure development for their RISE with SAP, S/4HANA Cloud and hybrid SAP applications.
Featured Solutions
-
Maximizing Security in RISE with SAP
In this informative presentation featuring Roland Costea, CISO at SAP Enterprise Cloud Services (ECS), and Mariano Nunez, CEO & Co-Founder of Onapsis, you will discover how the people, processes, and technologies at SAP ECS combined with the Onapsis capabilities, empower customers to better secure their Cloud ERP systems and promote long term business resilience.
-
Onapsis Introduces Control Central to Empower New Era of RISE with SAP
Latest security solution providing unmatched, comprehensive SAP code testing capabilities
-
Securing SAP in the Cloud: Best Practices to RISE Above for Enterprise Success
Discover key insights, gain actionable advice, and empower your organization to navigate the cloud securely during this conversation with industry experts from Onapsis and Capgemini.
Featured Content
-
Active Exploitation of a Critical Zero-Day SAP Vulnerability
Active exploitation of a critical zero-day vulnerability (CVE-2025-31324) in the SAP Visual Composer component allows unauthenticated attackers to gain full control over SAP systems, prompting SAP to release an emergency patch and urging customers to either apply it or disable access to the vulnerable component.
-
We Wrote the Book on Cybersecurity
We partnered with SAP Press to deliver the definitive guide to Cybersecurity for SAP
Multimedia Center
-
CH4TTER: How Threat Actors are Targeting SAP for Financial Gain
Onapsis and Flashpoint released a report detailing how cybercriminals are increasingly discussing and targeting SAP applications.
-
SAP Security: Before, During, and After a RISE with SAP Migration Featuring Snohomish PUD
In this webinar, learn how enhanced visibility, automated security scanning, and incident response can augment your team’s ability to inspect what they expect from RISE with SAP, increase business value, and promote risk abatement.
Articles / Case Studies / Videos
-
Understanding Threat Actors Attacking SAP with Onapsis
In April 2024, Onapsis, in collaboration with Flashpoint, released the ‘Ch4tter: Threat Actors Attacking SAP for Profit’ report, emphasizing the evolving cybersecurity risks facing SAP organizations and advocating for proactive measures like penetration testing and ongoing education to mitigate these threats.
-
Beyond Patching: Building a Multi-Layered Defense for Your SAP Landscape
This whitepaper provides SAP users and CISOs with best practices for securing SAP systems, emphasizing the importance of a multi-layered defense strategy that goes beyond traditional patching. It offers insights into the multifaceted aspects of SAP cybersecurity to help organizations protect their critical SAP landscapes. Membership Required You must be a member to access this…
-
Onapsis Announces New Cybersecurity Book to Debut at SAPinsider Vegas 2025
At SAPinsider Vegas, technology leaders will gather to explore SAP landscape optimization and cybersecurity, highlighted by the release of Onapsis’s new book ‘Cybersecurity for SAP,’ co-authored by its CTO and focused on addressing security challenges amid rising cyber threats.
-
From Discovery to Defense – Securing SAP with Onapsis
Mariano Nunez transformed his passion for cybersecurity into leadership at Onapsis, a company he founded to enhance SAP security against evolving cyber threats, emphasizing the necessity of proactive measures and collaborative frameworks as organizations migrate to the cloud.
-
Onapsis Announces New Secure RISE Accelerator
Onapsis has launched the Secure RISE Accelerator to enhance cybersecurity and compliance during RISE with SAP transformations by automating processes, conducting risk assessments, and providing expert support, thus enabling organizations to innovate securely and efficiently.
-
Bolstering Cybersecurity and Resilience with Onapsis
As the average cost of an SAP data breach rises to $10 million, organizations must enhance their cybersecurity strategies by focusing on technology, processes, and skilled personnel, while leveraging RISE with SAP along with Onapsis to effectively manage cloud security risks.
-
Onapsis Announces Security Testing Solution: Control Central
Onapsis has launched Control Central, a new product within its Control suite that enhances application security testing for RISE with SAP transformations by automating code scanning, reducing manual tasks, and aiding organizations in securing their SAP environments against vulnerabilities.
-
Onapsis Announces Enhanced Security Features for SAP BTP
The SAP cybersecurity specialists at Onapsis announced that they have expanded their Control product line to feature a bundle that bolsters the security of SAP Business Technology Platform (BTP). This new solution allows users to automatically scan code for potential threats throughout a number of environments and depositories. The product is available as of Q4…
-
A Year in Review with Onapsis Research Labs: Insights to Inform your 2024 ERP Security Strategy
The A Year in Review with Onapsis Research Labs webinar is for SAP users to gain insights from industry experts for 2023 trends.
-
Fortune 500 Utility Company Partners with Onapsis to Build Security into Their RISE with SAP Transformation and Achieve Secure, On-Time, On-Budget Go-Live
A Fortune 500 utility company, facing challenges with their legacy SAP system, chose the RISE with SAP program for a clean migration to SAP S/4HANA, recognizing the need for enhanced security skills and expertise, and found a trusted partner in Onapsis to provide the necessary support and technology for their transition. Membership Required You must…
-
Anatomy of an Attack: Breaking Down a C2 Incident on SAP
Onapsis Research Labs detailed a security breach where an SAP system was compromised, transformed into a command and control bot through a vulnerability, and used to launch a distributed denial of service attack via Cloudflare.
-
Securing SAP Remote Function Calls: The Crucial Role of S_ICF Authorization
The article discusses the importance of the S_ICF authorization object in SAP systems as a security measure to mitigate RFC hopping attacks by controlling access to RFC destinations and ensuring that only authorized users can initiate function calls, thereby reducing the risk of unauthorized privilege escalation following a cyber attack. Membership Required You must be…
-
Hash Cracking and the SAP Landscape
This article discusses the use of hashing for password security in SAP systems, explaining how hashes are stored, methods for cracking them using tools like JohnTheRipper and Hashcat, and emphasizes the importance of addressing weak hashes and deactivating downward compatibility to enhance data protection.
-
83% of Organizations experienced at least one ransomware attack in the last year
A recent report reveals that 83% of organizations faced ransomware attacks in the past year, with significant impacts on ERP systems, prompting 93% to seek dedicated ERP security solutions, while concerns grow over AI-enhanced threats and organizations increasingly adjusting their cybersecurity strategies and investments.
-
ERP Security for Utility Companies – Onapsis Partners with SNOPUD to Secure Critical SAP Applications
Cyberattacks on utility companies are increasingly targeting vulnerabilities in SAP applications, posing significant financial and operational risks, with the average cost of a data breach reaching $4.72 million. The energy sector, with its sensitive enterprise resource planning (ERP) systems like SAP, is particularly attractive to cybercriminals. Despite this, many utility companies struggle to allocate adequate…
-
Augmenting Existing SAP Network Security with Onapsis
A recent study by Onapsis highlights a 400% rise in ransomware incidents targeting SAP systems, emphasizing the critical need for enhanced security measures to protect these applications. SAP offers various security features, including user authentication, encryption, and monitoring controls like SAProuter. However, if compromised, SAProuter can be an entry point for unauthorized access. Traditional vulnerability…
-
New Report Reveals Evidence of Increased Cybercriminal Interest in ERP Applications
Novel research report from Onapsis and Flashpoint details increasing interest and value of ERP security application vulnerabilities for ransomware and data breaches.
-
Vulnerabilities Affecting SAP AI Services
On July 17th, 2024, Hillai Ben-Sasson, a security researcher from the cloud company WIZ released the results of a research focused on SAP Cloud AI services, which was part of a broader research around mainstream AI cloud providers also including Hugging Face and Replicate. The researcher identified a set of weaknesses in the cloud infrastructure…
-
Lessons from Onapsis-Flashpoint Report and Beyond
In the realm of enterprise resource planning (ERP) systems, security is a constant battleground. Despite the availability of patches for known vulnerabilities, the Onapsis-Flashpoint Ch4tter report sheds light on a worrying trend: increased attack activities on these critical systems.
-
Protecting SAP Solutions from Cyber Threats with Onapsis
Recent SAPinsider research highlights that protecting sensitive data in SAP systems is a major concern for SAP customers. Traditional security efforts focused on managing access, but new research by Onapsis and Flashpoint reveals an increase in cyber threats targeting SAP systems. Ransomware incidents have surged by 400%, and discussions about SAP vulnerabilities on various web…
-
A Risk Driven Approach to SAP Application Security
SAP applications are foundational, business-critical systems. Their importance and overall complexity are exploding in scale, as organizations continue to support legacy systems while simultaneously transitioning to the cloud.
-
Deloitte & Onapsis Strategic Alliance
Deloitte and Onapsis Form Strategic Alliance to Help Shared Clients Secure SAP S/4HANA Cloud®, RISE with SAP® and Cloud ERP Digital Transformations.
-
Onapsis Continues to Set the Standard for More Complete SAP Application Security for RISE with SAP, SAP BTP, and S/4HANA Cloud
Market-defining innovation and comprehensive coverage leads to deeper visibility, stronger controls, and greater risk reduction for F500 SAP Organizations.
-
Onapsis Launches Advanced Security Features for SAP Business Technology Platform
Latest release of Onapsis Assess enhances visibility and scanning for SAP BTP.