Onapsis Control

Shift Left and Accelerate Secure Application Development & SAP Code Security

Secure your SAP code security and software development lifecycle from development to production. Use automation to clean your custom code before an SAP S/4HANA migration, and bring security directly into your development process, including work on the SAP Business Technology Platform (BTP). This helps you build secure applications and prevent vulnerabilities from ever reaching production.

Build Security Into Custom SAP Application Development

Gain a comprehensive understanding of potential code and transport vulnerabilities, including code developed by external partners, using multiple methodologies in one engine (DAST, SAST, IAST).

Empower application developers to identify, prioritize, and remediate issues quickly with “spell-check” features and detailed step-by-step remediation instructions with pre-written code suggestions.

Leverage automation and one-click fix capabilities to remediate up to 50% of common code errors prior to migration or import.

Scan transports of third-party developed code prior to import and prevent negative impacts to applications and potential system failure.

Create a secure baseline by automatically cleaning custom code prior to migrating to the cloud or SAP S/4 HANA.

Onapsis lets your teams work with the tools and environments they already use and offers additional products that accelerate development cycles.

See How We Strengthen DevSecOps for SAP

Not quite ready for a live demo, but want to see Onapsis Control in action?
View this two-minute on-demand video of Control to see how we can solve your organization’s unique challenges.

In this video, you will:

  • Get an understanding of Onapsis Control and its key features.
  • Discover how Onapsis Control empowers you to establish and enforce secure configuration standards across your applications.
  • Learn how Onapsis Control seamlessly integrates security into the application development lifecycle.

Control Central

  • Centrally managed, comprehensive application security testing for ABAP, UI5, XSJS, Fiori, and HANA Native applications
  • One-click fix functionality automatically corrects the most common code errors, enabling a proactive approach to SAP code security
  • Supports the most critical IDEs, such as Visual Studio Code, SAP Business Application Studio in BTP, Eclipse, and Git repository scanning (e.g., ABAPGit)
  • Add additional security and quality gates to your release processes via integrations with leading change management and CI/CD tools, including SAP ABAP Test Cockpit (ATC), SAP Change Request Management (CHaRM), SAP Transport Management System (TMS), and Azure Pipelines
Onapsis Control Center

Control for BTP

  • Integrates with the broadest list of SAP Recommended IDEs for SAP BTP development
  • Identifies errors as they occur and provides developers with immediate feedback and actionable fixes to address SAP code security risks during the development process
  • Connect Control for BTP to your Git repositories and perform rapid scans of individual projects or all connected Git repositories, saving time and reducing manual effort

Control for Transports

  • Scan objects and data vulnerabilities inside SAP transports
  • Identify, block, and mitigate bad transports prior to production import
  • Compatible with SAP TMS, ChaRM, and third-party workflow management tools
Onapsis Control for Transports
Onapsis On-Change Control

On-Change Control

  • Integrated, detailed security scanning and approval framework for SAP CHaRM
  • One-stop shop for approvers and requesters to manage scans, approvals, and notes
  • Automatic notifications ensure a swift change management process

One-Click Fix Premium

  • Automatic identification and correction for up to 80% of common code errors
  • Simulate mode enables view of impact of automated corrections prior to import
  • Compatible with SAP ABAP Workbench and SAP Application log
Onapsis Solution – Threat Detection & Response The Better Way

Part of The Onapsis Platform

Designed to make SAP security frictionless, Onapsis delivers an award-winning, full application security suite. The Onapsis Platform shines a light on the full SAP or Oracle attack surface to help organizations worldwide better understand risk, protect their most critical systems, respond rapidly to threats, and keep their business-critical applications and digital transformation projects running smoothly.

Learn More About The Platform

See Why Customers Love Onapsis for SAP Application Security Testing

“Onapsis helps us address two of the biggest trouble areas in our change management processes—custom code and transports. A third-party solution for analyzing these that integrates into SAP ChaRM allows us to get things right the first time and avoid costly rework and manual analyses.”

– Security Architecture Manager, Global Chemical Company

Read Case Study
Reduction in Code
Review Time by Teams
Saved Annually In
Code Review Costs
Saved Per System By
Eliminating Import Errors

Powered by the Onapsis Research Labs

The Global Leader in ERP Security & Threat Research

  • 6 US DHS critical alerts based on our research
  • Discovered 1,000+ zero-day vulnerabilities in business-critical applications
Onapsis Research Labs

Awards

  • Onapsis Company Awards ASTORS
  • Onapsis Company Awards CRN 2022
  • Onapsis Company Awards Cyber Defense Magazine
  • Onapsis Company Awards CRN 2021
  • Onapsis Company Awards Inc 500
  • Onapsis Company Awards Cybersecurity Breakthrough
  • Onapsis Company Awards Cyber Defense Magazine 2023
  • Onapsis Company Awards Cyber Defense Magazine 2022

    • Further Reading

    Ready for a deeper understanding on how Onapsis secures your critical business applications? Start with these related resources, then visit our Resource Center for more.

    All Resources

    Datasheets

    Control Central

    Application security testing for SAP ABAP applications. Step-by-step remediation instructions and integrations with SAP ABAP…

    Learn More

    Datasheets

    Control for Transports

    Transport security testing for SAP, including the ability to check development objects, system settings, application configuration…

    Learn More

    Datasheet

    Control for Code

    Step-by-step remediation instructions and integrations with developer tools accelerate time to vulnerability identification and remediation.

    Learn More

    Solution Brief

    Control: Application Security Testing for Business-Critical Applications

    Accelerate and Secure Development with Automated Application Security Testing Built for SAP

    Learn More

    Ebook

    Battling Trojan Horses in Your SAP® Transports

    Changes to SAP production systems through SAP transports pose a high security risk.

    Learn More

    Schedule a live demo today

    Learn How to Shift Left Easily and Build Security Into Your SAP Software Development Lifecycle.

    Let our technical experts show you how to leverage Onapsis Control to automatically scan and mitigate code vulnerabilities to accelerate your S/4 HANA migration projects and RISE with SAP transformations. Our demo will show you how Onapsis Control can help.

    Schedule a Live Demo