The Onapsis Security Platform is the first cybersecurity solution that automates vulnerability management, insider and outsider threat detection and response, and audit and compliance monitoring for SAP Systems.

Through continuous monitoring, the Onapsis Security Platform (OSP) delivers a near real-time preventative, detective and corrective approach for securing SAP systems and applications whether deployed on-premise, or in a private, public or hybrid cloud environment. The Onapsis Security Platform provides unmatched coverage and protection across SAP NetWeaver, ABAP, J2EE, HANA, and S/4HANA platforms. The platform integrates with network security, GRC solutions, SIEM solutions and workflows as well as leading cloud providers.

By partnering with Onapsis, your enterprise can bridge the gap in SAP security and compliance capabilities in three main areas:

Perform automated vulnerability and compliance checks

  • Identify and measure the exposure to security risks within SAP
  • Perform automated assessments daily or weekly vs waiting for a yearly audit
  • Detect compliance requirement failures
  • Streamline audit processes and reporting
  • Generate graphical map and create inventories of your SAP infrastructure

Detect and respond to threats and compliance failures

  • Continuous monitoring of threats against the SAP infrastructure whether on-prem, or in a private, public or hybrid cloud environment
  • Identify the use of functions that expose sensitive information
  • Provides visibility into attacks, with context, to determine if the attack is likely to be successful
  • Notifications if SAP systems are under attack
  • Define customized alarms for specific users and their transactions

Enforce and Protect Secure Settings

  • Automatically stop critical system changes to prevent SAP systems from becoming insecure or non-compliant
  • Receive immediate alerts if an unplanned update could make a system insecure
  • Approve out-of-band configuration changes that are required as exceptions
  • Maintain secure configuration settings that require significant time and investment
  • Record and log change activity for audit and investigations
  • Continuously assure configurations adhere to corporate policies for all SAP versions, including S/4 HANA

Proactive protection from the Onapsis Research Labs

  • Detection of SAP zero day vulnerabilities that Security notes/patches have not yet been created for
  • Receives a direct feed of the latest vulnerabilities found and confirmed by the Onapsis Research Labs

Onapsis has been issued U.S. Patent No. 9,009,837 entitled “Automated Security Assessment of Business-Critical Systems and Applications,” which describes certain algorithms and capabilities behind the technology powering the Onapsis software solutions.