La firma de ciberseguridad desarrolla soluciones para los sistemas Oracle y SAP; tiene más de 100 clientes en el mundo
Cybersecurity and compliance leader, Onapsis, has extended the Onapsis Security Platform (OSP) to include the Enforce and Protect module to “lock down” SAP systems, preventing them from drifting into an insecure or non-compliant state and enabling InfoSec and SAP teams to protect their systems and enforce compliance.
Onapsis reported that it has extended the Onapsis Security Platform (OSP) with the launch of the Enforce and Protect product module.
Onapsis has extended the Onapsis Security Platform (OSP) with the launch of the Enforce and Protect product module. OSP is now the first platform to enable InfoSec and SAP teams to enforce compliance and protect business-critical applications by actively preventing these systems from drifting into an insecure or non-compliant state.
Onapsis researchers revealed a critical security configuration vulnerability that results from default installations in SAP systems which if left insecure, could lead to a full system compromise in unprotected environments.
SAP and Oracle application cybersecurity and compliance researcher, Onapsis, has identified a critical security configuration vulnerability resulting from default installations in SAP systems that could lead to a full system compromise, enabling remote hackers to gain unrestricted access to the system and putting business-critical data and processes at risk.
April was another busy month for cyber-security startups, with venture capitalists funding at least seven such companies. The largest amount raised during the month was a $31 million round that went to business-critical application security vendor Onapsis.
With thousands of products to choose from, and little guidance from stakeholders, security leaders are facing an unwieldy industry.
The flaw is driven by a security configuration initially documented by SAP over a decade ago.
Companies using SAP systems for their business software infrastructure might want to review some of their servers' settings for a configuration that if left in its default state will let an attacker gain access to a company's business data.