HomeCompanyEvents & Webinars

Onapsis Latest Publications


SAP Security In-Depth Vol.4

Read Case Study


Westinghouse Electric

Events & Webinars

Upcoming Events


March 20 | 2014

Onapsis Special Webcast: Our CEO’s RSA 2014 Presentation, Too Critical to Fail: Cyber-attacks targeting ERP, CRM, SCM and HR Systems

Onapsis Logo

Join Onapsis for our upcoming special webcast taking place on Thursday, March 20th at 2:00pm. This webcast will feature our CEO, Mariano Nunez repeating his popular RSA 2014 presentation, “Too Critical to Fail: Cyber-Attacks on ERP, CRM, SCM and HR Systems”. During this webcast, Mariano will share live demos, war stories and best-practices about how to protect your organization from these threats. Also, attendees will learn ways to communicate the importance of mitigating threats targeting the technical layer of your organization’s business critical applications, going beyond traditional SoD and GRC controls. Register Here

March 17 | 2014

Troopers 14 and BIZEC SAP Security Track

Troopers Logo

Troopers14 is the seventh edition of the great IT-Security Conference, where the world's leading IT-Security experts and Hackers present their latest research. Juan Perez-Etchegoyen, Onapsis' CTO and Will Vandevanter, Sr. Security Researcher will be hosting the talk: Hiding the Breadcrumbs: Anti-forensics on SAP Systems.

In addition to the talk, the 3rd Annual BIZEC Workshop will take place on March 18th. This workshop, focused on SAP Security will feature leading companies and researchers and provide a full day security track.

March 18 | 2014

SAP GRC

Logo
Visit the Onapsis booth at the upcoming SAP GRC conference to meet Onapsis executives, learn how our products integrate with GRC and view demo's of Onapsis X1.

March 24 | 2014

2014 General Audit Management Conference

Logo

The General Audit Management (GAM) Conference will bring together CAEs, audit committee and board members, and financial and executive management from around the world to gain exclusive insights, discuss challenges and strategies, and network with other top audit executives. Visit Onapsis at their booth during the conference to learn how Onapsis X1 can enable SAP auditors to perform SAP-certified automated security assessments to their customer’s SAP implementations, complimenting existing SoD and GRC Controls.

April 29 | 2014

InfoSec UK

Logo

Infosecurity Europe is Europe's number one Information Security event. Featuring over 325 exhibitors, the most diverse range of new products and services, an unrivalled education programme and over 13,000 unique visitors from every segment of the industry, it is the most important date in the calendar for Information Security professionals across Europe. Visit the Onapsis and partner TurnKey Consulting booth during the conference to see live demo's of Onapsis X1.

April 30 | 2014

Evanta Houston CISO Executive Summit

Logo

This exclusive conference delivers peer insight and unparalleled networking among Houston’s security leadership, offering a platform to build and strengthen relationships within our influential community of CISOs. Join Onapsis Inc. for a boardroom session during the event titled, “ Securing SAP from Cyber Attacks.” Also, stop by the Onapsis booth to meet with company executives.

May 12 | 2014

Evanta New York CISO Executive Summit

Logo

This exclusive conference delivers peer insight and unparalleled networking among Houston’s security leadership, offering a platform to build and strengthen relationships within our influential community of CISOs. Join Onapsis Inc. for a boardroom session during the event titled, “ Securing SAP from Cyber Attacks.” Also, stop by the Onapsis booth to meet with company executives.

May 21 | 2014

SAP GRC - Nice, FR

Logo

SAP-GRC will be moving from Amsterdam to Nice, FR. Visit the Onapsis booth at the upcoming SAP GRC conference to meet Onapsis executives, learn how our products integrate with GRC and view demos of Onapsis X1.

June 3 | 2014

SAP SAPPHIRE Now and ASUG Annual Conference

Logo

SAP SAPPHIRE is the leading SAP User Conference in the United States. Attendees will Get the latest technological vision, actionable insights you need to drive profitability and growth, and influence future SAP offerings. Visit the Onapsis booth at the event to learn how our products integrate with GRC and view demos of Onapsis X1.

June 21 | 2014

SANSFIRE SAP Security In-Depth Training

Logo

Join SANS and Onapsis Inc for the hosted course: Security SAP Platforms - Hands-on Security Techniques to Protect Business-Critical Infrastructure from Cyber-attacks. Click Here for course Information and to register now. Space is limited.

June 23 | 2014

Gartner Security & Risk Management Summit

Logo

Gartner Security & Risk Management Summit 2014 helps you validate your security and risk management strategy, so you can see what needs to be improved, kept the same, or changed in your approach for a clear vision into the future. Visit the Onapsis booth during the event to ensure your organization's business-critical applications are not vulnerable to cyber-attacks.

August 4 | 2014

Black Hat USA Training: ERP Security: Assess, Exploit and Defend SAP Platforms

Logo

Onapsis has been invited back for the third time to host a two day training during the Black Hat Conference this year. This course will provide the latest information about SAP-Specific attacks and protection techniques. After an introduction to the SAP world (previous SAP expertise is not required), you will learn through several hands-on exercise how to perform your own vulnerability assessments and penetration tests of your SAP platform to identify existing security gaps. Register Now, space is limited.

Past Events


February 25 | 2014

RSA 2014

Logo
RSA Conference is helping drive the information security agenda worldwide with annual industry events in the U.S., Europe and Asia. Throughout its history, RSA Conference has consistently attracted the world's best and brightest in the field, creating opportunities for conference attendees to learn about IT security's most important issues through first-hand interactions with peers, luminaries and emerging and established companies. Join Onapsis' CEO, Mariano Nunez at 8am on Thursday, February 27th for the live session: Too Critical to Fail: Cyber-attacks on ERP, CRM, SCM and HR systems. Also, stop by the Onapsis booth # 2109 to meet with company executives, view presentations and see new versions of Onapsis X1.

February 12 | 2014

IT Defense Conference

Logo
An extraordinary conference on IT security with high-level speakers from the USA and Europe will be held for the twelveth time. The IT-Defense is different: it is not a conference with sponsors and promotion lectures, but a series of interesting presentations focused on relevant issues. At the same time, there are inspiring evening events for the exchange of ideas with speakers and other participants. The program of the IT-Defense is always a combination of technical lectures, strategic presentations and entertaining speakers on IT security. Attend the session by Onapsis CEO, Mariano Nunez, for the talk: Hactivism and ERP systems: Who, Why and How?

January 30 | 2014

Onapsis Webcast: Are your RFC Connections Secure?

Logo

Most organizations have multiple SAP implementations in their infrastructure. These implementations are made up of many interconnected systems that all perform different critical functions in the organization and process sensitive data. In order to operate smoothly day after day, these SAP Systems require hundreds of connections between themselves and with external entities.RFC Destinations are the main concept used when enabling these connections. If RFC Destinations are not properly secured, malicious attackers who gain access to one end of a connection could then transverse the connection to enable access to the other connected systems without providing credentials; turning the compromise of a single system into compromise of the whole SAP landscape.

In the Webcast, Onapsis Sr. Security Researcher, Sergio Abraham will explain the concepts surrounding RFC Destinations. He will then detail how any organization can analyze their security status manually. You will also learn how Onapsis X1 RFC Topology Map can perform the same analysis in minutes; thus saving significant time and resources.

Click Here to Register for the Webcast.

December 17 | 2013

Onapsis Webcast: Securing the SAP Transport Management System

Onapsis Logo
Join Onapsis on Tuesday, December 17th at 2:00pm EST for our latest SAP Security In-Depth Webcast: Understanding and Securing the SAP Transport Management System (TMS). In this Webcast, Onapsis’ CTO, Juan Perez-Etchegoyen, will explain the main components and capabilities of TMS. He will then detail specific ways in which organizations can increase their protection of their SAP platforms by gaining visibility to and securing TMS. Click Here to Register for the Webcast.

December 4 | 2013

Evanta CISO Executive Summit Chicago

SANS Sydney
Driven by an agenda created “by CISOs, for CISOs,” this invitation-only gathering has been designed to minimize time commitments while maximizing the depth of a true peer-to-peer engagement in an intimate setting. Based on insights from the very individuals who are creating new risk, talent and information security practices, establishing new investing benchmarks, and deploying strategies to drive growth, the conference features content from practicing CISOs and current industry thought leaders. Visit Onapsis executives at the event to learn more about our current offerings, and how Onapsis X1 can help mitigate threats targeting SAP.

November 19-20 | 2013

IT Audit and Controls Conference 2013 Boston

SANS Sydney
The ITAC Conference in Boston will be a premier conference for IT auditors to learn about critical topics that affect their daily jobs. Visit the Onapsis table at the event to talk about how Onapsis X1 can help SAP auditors become more efficient, and provide a holistic SAP security approach to their customers.

November 11-12 | 2013

Securing SAP Platforms 2 Day Hands on Training at SANS Sydney

SANS Sydney
This course provides the latest information on SAP-specific cyber-attacks and protection techniques. This intensive hands-on course, will include over ten (10) live demonstrations and numerous exercises (20).

November 5-7 | 2013

SAP TechEd Amsterdam

SANS Sydney
SAP TechEd in Europe is the premier technical education conference for IT architects, administrators and developers – offering more than 1,000 hours of training on SAP technology for in-memory computing, enterprise mobility, analytics, database and the cloud. Visit the Onapsis stand during TechEd to see live demo’s of Onapsis X1 and learn about Onapsis partners in Europe.

October 21-23 | 2013

SAP TechEd Las Vegas

SAP TechEd Las Vegas
SAP TechEd is the premier technical education conference for IT architects, administrators and developers – offering more than 1,000 hours of training on SAP technology for in-memory computing, enterprise mobility, analytics, database and the cloud. Visit the Onapsis booth during TechEd to see live demo’s of Onapsis X1 with the new mobile capabilities.

September 25-27 | 2013

Training, Briefing & GetTogether Party! at ekoparty 2013

ekoParty
Onapsis will hold a two-days, hands-on training on SAP security at ekoParty, one of the most attended Information Security events in Latin-America. In addition, all the participants are invited to have some fun at the GetTogerther party, sponsored by Onapsis.

September 24-26 | 2013

Exhibiting at Audit World & MISTI Summit on IT Governance, Risk and Compliance

SANS Sydney
The MIS Training Institute Audit World conference is the only audit event completely comprised of practitioner case studies. Onapsis along with Winterhawk Consulting winterhawkconsulting.com will have a booth at the event. Stop by to see live demos of Onapsis X1.

September 14-15 | 2013

Training and Exhibit at SANS Network Security

SANS AUS
This course provides the latest information on SAP-specific cyber-attacks and protection techniques. This intensive hands-on course, will include over ten (10) live demonstrations and numerous exercises (20) Also, stop by the Onapsis booth at the conference to see a live demo of Onapsis X1.

September 9-11 | 2013

Boardroom Discussing and Exhibiting at Evanta Global CISO Executive Summit

Evanta Logo
The Evanta Global CISO Executive Summit is the only three-day destination conference in security leadership. The summit is an annual gathering of the most engaged and respected members of the CISO community. It features the Top Ten Leadership awards, the industry’s only peer-driven recognition of individual innovation and achievement. During the conference, Onapsis will be hosting a boardroom discussion featuring the importance of SAP Security and informing CISO’s of the challenges their origination is facing in trying to secure these platforms. We will also have a booth in the exhibit hall where attendees can talk with Onapsis executives and see live demos of Onapsis X1.

September 9 | 2013

Onapsis X1 OXCP Certification Training UK

Onapsis Logo
This one day training course is the most effective way to learn how to leverage the Onapsis X1 product to perform in-depth black and white box security assessments of an SAP® infrastructure. Onapsis X1 is the industry’s first SAP Certified, comprehensive solution for automated security assessment of SAP systems. Contact Us for additional information.

August 29 | 2013 – 2:00pm EST

Onapsis Webcast: Mitigating attacks to the SAP Solution Manager

Logo Onapsis
Join us in our upcoming SAP Security In-Depth Webcast featuring the SAP Solution Manager In all SAP implementations, there is a special system that acts at the ‘brain’ of the platform: the SAP Solution Manager (SolMan). Using proprietary interfaces and protocols, SolMan connects to and manages all of the “satellite” SAP systems of the implementation (ERP, CRM, etc). If an attacker compromises the SolMan, they will have access to the entire SAP implementation. In this WebCast, Onapsis’ CTO, Juan Perez-Etchegoyen, will present known attack vectors that a malicious attacker could use to break into SolMan and what you can do to mitigate these threats in your organization. Register Here

August 6 | 2013

Onapsis X1 OXCP Certification Training

Onapsis Logo
This one day training course is the most effective way to learn how to leverage the Onapsis X1 product to perform in-depth black and white box security assessments of an SAP® infrastructure. Onapsis X1 is the industry’s first SAP Certified, comprehensive solution for automated security assessment of SAP systems. Contact Us for additional information.

July 27 - August 1 | 2013

Training & Exhibit @BlackHat USA, Vegas

BlackHat USA 2013
Black Hat USA 2013 will bring together the best minds in security to define tomorrow’s information security landscape. This training, hosted by onapsis’s CEO Mariano Nunez, and CTO Juan Perez-Etchegoyen, will equip you to understand the critical risks to your SAP Platform, and how to assess them. Also, you will learn which the best approaches to effectively mitigate them are, which will proactively protect your business critical-critical platform.

Like last year, Onapsis will be hosting a 2 day training session on ‘Cyber-threats on SAP platforms: Assess, exploit, and defend.’ Onapsis will also be an exhibitor at the conference. Stop by to see us in booth 231 to see a customized demo of Onapsis X1.

June 25 | 2013

Onapsis SAP Security In-Depth Webcast: Mitigating attacks targeting the SAP Solution Manager

Onapsis Webcast
Onapsis' CTO Juan Perez-Etchegoyen presented the latest SAP Security In-Depth Webcast, Tuesday June 25th at 2:00pm EST featuring threats affecting the SAP Solution Manager.

June 17-18 | 2013

Onapsis SAP Security In-Depth Training in Amsterdam

SAP GRC 2013
Onapsis CEO, Mariano Nunez, and CTO, Juan Perez-Etchegoyn were in Amsterdam on June 17-18th to teach the 2 day Onapsis “SAP Security In-Depth” course. This 2-day SAP security courses enables you to assess the critical cyber risks your SAP platform may be facing. Equally as important, attendees learned many of the best practices to help you mitigate these threats and proactively protect your SAP platform and business-critical information from cyber-attacks.

June 11-13 | 2013

Exhibit & Speaking @SAP GRC, Amsterdam

SAP GRC 2013
Onapsis’ CEO, Mariano Nunez presented the session, "Preventing cyber-attacks: How to address 11 risks that could leave your SAP system vulnerable” for the European SAP audience during this conference. In this session, Mariano helped attendees explore ways to mitigate critical SAP application layer vulnerabilities, analyzing why SoD controls may not be enough to protect their SAP platforms from cyber-attacks.

June 10 | 2013

Protecting your SAP Platforms from Cyber-attacks presented by Onapsis and AGENTIL

SAP GRC 2013
Onapsis, in collaboration with AGENTIL, presented a 1 day SAP security trainingi at Switzerland. In this one day course, attendees learnt about Cyber-Attacks targeting SAP Platforms, and how Onapsis X1 can be leveraged to help mitigate these threats and ensure business-critical information is protected.

April 23-25 | 2013

Exhibit @InfoSecurity Europe 2013, London

infosec UK 2013
InfoSecurity Europe is one of Europe’s largest Information Security events. Featuring over 350 exhibitors and over 12,400 visitors from across Europe. Onapsis is happy to be an exhibitor at InfoSecurity Europe this year. Meet us at the Onapsis stand #N80 to see how Onapsis X1 and Onapsis IPS can help you secure your SAP platform. Also, learn about unique partnership opportunities with Onapsis in your country.

March 19-22 | 2013

Speaking & Exhibit @SAP GRC, Vegas

SAP GRC 2013 Vegas
At this event Onapsis hosted the session, "Preventing cyber-attacks: How to address 11 risks that could leave your SAP system vulnerable." This track, hosted by Onapsis CEO Mariano Nunez, will helped attendees explore ways to mitigate critical SAP application layer vulnerabilities, analyzing why SoD controls may not be enough to protect your SAP platforms from cyber-attacks.

Also, Onapsis had a booth # 436 on the show floor where attendees had the opportunity to see custom demos of Onapsis X1 and Onapsis IPS.

March 11-15 | 2013

Speaking @Troopers13, Heidelberg

Troopers13
Mariano Nunez, Onapsis' CEO and Juan Perez-Etchegoyen, Onapsis' CTO presented during the Troopers13 conference on “Detecting white-collar cybercrime: Sap Forensics.” This talk was the first public presentation on how to do a forensic analysis of an SAP system, and how to look for a security breach. Attendees learned where fingerprints may have been left, and how to understand which system tools are available that may help you, and what their limitations are. Using several examples of security breaches, attendees learned how to detect what took place, how to access the business impact, and how to track down the attacker.

February 25 - March 1 | 2013

Exhibit and Peers-to-Peers session @RSA 2013, San Francisco

RSA 2013
Mariano Nunez, Onapsis' CEO, moderated Onapsis' Peer-to-Peer session "Protecting Your SAP Platform from Cyber-Attacks.” This gave attendees an opportunity to share their opinion and experiences about the best ways to address SAP security. Also, attendees that visited the Expo Hall, had the opportunity to meet our experts at booth #456 and watched personalized demos of our products - Onapsis X1 & Onapsis IPS - the most comprehensive solutions for protection of your SAP infrastructure from cyber-attacks.