Onapsis Research Labs

Security Publications


  • Explore our webcast schedule to hear from the Onapsis Research Team



  • Your expert source for strategies, research and information to achieve business-critical application security success.


Latest Advisories

  • Get direct access to the latest security advisories from Onapsis


The Onapsis SAP Security In-Depth (SSID) Publication highlights and details innovative security aspects of business critical applications as identified by Onapsis Research Labs.


In each release, a different subject is analyzed from an objective perspective which reviews and presents a comprehensive assessment of the unique risks introduced by the subject to critical business applications that house vital data and run mission-critical business processes. The publication specifically goes on to review and detail the different mitigation strategies that allow corporations to protect themselves from the risks targeting their SAP implementations.

Date Title
2014-04-01 Volume IX: Assessing and Defending BusinessObjects
2013-12-10 Volume VIII: Transport Management System Highway to Production
2013-09-21 Volume VII: Preventing Cyber-Attacks Against SAP Solution Manager
2012-09-13 Volume VI: Securing the Gate to the Kingdom: Auditing the SAProuter
2012-05-09 Volume V: Our crown jewels online: Attacks on SAP Web Applications
2011-07-28 Volume IV: The Invoker Servlet: A Dangerous Detour into SAP Java Solutions
2011-03-03 Volume III: The Silent Threat: SAP Backdoors and Rootkits
2010-03-23 Volume II: SAP Knowledge Management - The risks of sharing
2009-11-25 Volume I: The risks of downwards compatibility