The Onapsis Security Blog

The world of business-critical application security and compliance is dynamic, with new developments happening on a continuous basis. Read our blog posts for recommendations, insights and observations on the latest news for safeguarding your SAP® and Oracle® applications.

Thumbnail
Onapsis Research Labs

TLS: Much More Than a Compliance Requirement

You may have heard about SSL/TLS, especially in 2018 when more widespread Secure Sockets Layer (SSL) adoption pushed by web browsers and PCI council advisory about the future deprecations of early versions of TLS (Transport Layer Security). This is a basic guide what it is, how it works, and why we should implement it in our SAP systems.
Thumbnail
Blog Banner

SAP Security Notes November 2017: Don't Get Too Comfortable, Hot News is Back

Today SAP has released another batch of its security notes, a regular event which happens every second Tuesday of the month. The total number of notes this month is 32, of which 18 have been released today. The other 14 notes have been released in the course of the past month. Those notes generally concerned re-releases. 

Thumbnail
Security Notes Banner

SAP Security Notes September 2017: No Hot News updates does not mean you can become complacent

It’s the second Tuesday of the month and another set of SAP Security Notes has been released. Since the previous Patch Day in August, SAP has released 32 notes, including 16 out-of-date and another 16 released this morning. One striking observation is that this is the fifth month in a row without a Hot News note; the highest category for notes based on risk. In addition to that, for the three high-priority notes, two of them are updates for a July note and the other one only affects a single country making the risk much smaller.

Thumbnail
Security Notes Banner

SAP Security Notes August 2017: Remote Code Injection Vulnerability in JAVA Component

It’s the second Tuesday of the month, meaning another round of monthly SAP notes have been released. Below is our monthly analysis regarding the SAP vulnerabilities fixed, to help you keep your ERP environment safe and protected. For another month, there are no new notes tagged as Hot News, now making a four month streak in which notes of this severity are absent. There is still a need for action however, since three notes were reported as having High priority.

Subscribe to SAP Security

Request a
Business Risk Illustration

Examine the security posture and risk exposure of your business-critical applications to determine the potential impact of a cyberattack on your organization.

Engage