HomeServicesSAPSAP Client-side Security Assessment

Onapsis Latest Publications

SAP Security In-Depth Vol.4

Read Case Study

Westinghouse Electric

Consulting Services

SAP Client-side Security Assessment

“Could someone attack my organization’s end-users by abusing SAP vulnerabilities and achieve access to my business-critical information? What can I do to stop him?”

Employees access SAP systems through two main channels: SAP GUI and Web, being the first one the most widely deployed. SAP GUI is a complex client solution, shipped with several technologies to provide a flexible operation of the company’s SAP environment. This complexity can be, as a collateral effect, the source for many security risks that could be exploited by malicious attackers to access end-users workstations.

The SAP Client-side Security Assessment service analyzes your SAP GUI implementations looking for security vulnerabilities such as:

  • Missing security patches
  • Existence of vulnerable SAP ActiveX controls
  • Insecure history configuration
  • Insecure Security Module configuration

Key Benefits

  • Detect threats that could be exploited by the growing trend of client-side cyber attacks.
  • Obtain a suggested action plan and detailed solutions to mitigate discovered risks, increasing the security level of your end-users systems.


  • Executive Report with a summary of existing risks and the possible impacts for your business.
  • Detailed Technical Report, providing detailed vulnerability information.
  • Mitigation Plan Report, presenting a recommended action plan with detailed mitigation activities for each detected issue.