At Onapsis, we’re not only solution leaders—we’re also thought leaders. Here you’ll find a growing library of materials to help you build your cyber resilience strategy. The more light we can shed on business-critical application security and compliance, the better you can drive your business forward, confidently.

White Papers
Oracle Compliance, SAP Compliance
This white paper discusses the approach publicly traded companies should be taking to secure their ERP systems and maintain regulatory compliance in regard to SOX. Organizations can define an automated, repeatable method for continually improving and maintaining security and compliance requirements with The Onapsis Platform.
White Papers
SAP Compliance, SAP Security
As many organizations make the move to HANA, whether on-premises or in the cloud, it's imperative to consider how cybersecurity plays a role in the migration's success. We created this guide to assist those using the SAP Activate methodology during their transformation and supported each phase with a security component.
Webinars
SAP Security
Join us as we dive into the SAP exploits recently made public dubbed '10KBLAZE' to understand if you're at risk and how to stay protected.
Videos
Corporate
Onapsis has announced the appointment of former Google Vice President of Security & Privacy Engineering (CISO) Gerhard Eschelbeck to the company’s board of directors.
Reports
10KBLAZEProtection from a Cyber Exploit With the Power to Burn Financial StatementsCritical Security Configuration Risk in Unprotected SAP Implementations

In April 2019, several new exploits targeting SAP® business applications were released in a public forum. Although the exploits target insecure configurations that have been reported by SAP SE and Onapsis in the past, their public release significantly increases the risk of successful cyberattacks against SAP implementations globally. Based on hundreds of SAP implementation assessments and the proprietary threat intelligence of Onapsis, we estimate these exploits could affect 9 out of 10 SAP systems of more than 50,000 customers worldwide. We recommend you review and apply all relevant SAP security notes immediately.

Videos
Oracle Security, SAP Security

Jason Fruge, CISO at Fossil, discusses the importance of securing business-critical ERP systems, such as SAP and Oracle, and how they've become a blind spot in the overall IT strategy. Hear his advice on how to overcome the challenge and take on ERP security in your organization. 

Videos
Oracle Compliance, Oracle Security, SAP Compliance, SAP Security

Larry Harrington, Former Chair of the Institute of Internal Auditors and Former Chief Audit Executive for Raytheon Company, discusses how ERP security enables the audit and compliance process within organizations, aligning CISOs with the internal audit team and maintaining compliance 24/7.

Webinars
SAP Security
This presentation includes research of more than 180 vulnerabilities found in a year for Oracle E-Business Suite including different types and risks such as Denial of Service, Password Disclosure, User Creation, Cross Site Scripting, and the mitigation options to protect these systems.
Webinars
SAP Security
Join us for an inside look at how cyberattackers are targeting ERP systems and are a part of many recent breaches at large organizations.
Webinars
SAP Security
Join us to learn how to speak SAP Cybersecurity to Internal Audit, IT Security, and Application Security for productive company alignment.
Infographics
SAP Security
Every month Onapsis publishes an analysis of released SAP Security Notes. We have put together a list outlining the most newsworthy SAP Security items from 2018.
White Papers
Cloud Security
The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, has released a survey to give more insights into securely moving ERP applications to the cloud.

Request a
Business Risk Illustration

Examine the operational risk and cybersecurity posture of your business-critical applications to determine the potential impact of sub-optimal application performance, unplanned downtime and an attack on your organization’s ERP platforms.

Engage