At Onapsis, we’re not only solution leaders—we’re also thought leaders. Here you’ll find a growing library of materials to help you build your cyber resilience strategy. The more light we can shed on business-critical application security and compliance, the better you can drive your business forward, confidently.

Volume III: The Silent Threat – SAP Backdoors and Rootkits

Onapsis SAP Security In-Depth Volume 3: The Silent Threat – SAP Backdoors and Rootkits

Backdoors and rootkits have existed for a long time in computer code and programs. From PCI cards to the most modern operating systems, almost every system is susceptible of being attacked and modified to contain a hidden malicious program that will ensure future access for the attacker and even perform unauthorized activities, while trying to remain undetected.

As SAP business applications run the most critical business information and processes in an organization, a backdoor in this platform would imply severe negative impacts to the business. If the organization is not securing their systems properly it would be possible for a remote, anonymous attacker to perform continuous espionage, fraud and sabotage attacks through the injection of a backdoor or rootkit in the SAP platform.

This publication analyzes some of the different attack vectors that malicious parties can use to try to inject backdoors and rootkits in the SAP platform, in order to understand which are the necessary protection measures that need to be implemented to protect the business crown jewels.

Request a
Business Risk Illustration


Prevent application downtime and costly business disruption

Request an assesment

Eliminate resource consuming manual audit processes

Request an assesment

Reduce vulnerabilities and misconfiguration to protect the business

Request an assesment