Who we are

As the leading provider of security for SAP® and Oracle® EBS applications, Onapsis has developed unique insight into emerging threats that can affect your business-critical systems. That’s why we created Onapsis Research Labs, a team of ERP security experts who combine in-depth knowledge and experience to deliver technical analysis and alerts with a business context. Our team works closely with SAP and Oracle product security teams to responsibly deliver the information to customers. To date, we have released over 150 advisories. We’ve consulted with over 180 of our enterprise customers, and we regularly present at leading security, Oracle and SAP conferences around the world.

Advisories

We regularly issue advisories that help enterprises make sense of the business and security impact that new threats present.

All Advisories
Low
SAP
07/29/2019
Please fill in the following form in order to download the selected Onapsis' resource. The system will send you a download link to your email.
High
Oracle
07/18/2018
By exploiting this vulnerability, a remote attacker could steal sensitive business information by redirecting users to a malicious site.
High
Oracle
07/18/2018
By exploiting this vulnerability, a remote attacker could steal sensitive business information by targeting other users connected to the system.

Publications

These in-depth publications analyze security issues and aspects inherent in SAP and Oracle EBS applications.

All Publications
In February 2017, SAP released Security Note 2413716 regarding configuration changes to secure Trusted RFC for GRC Access Control (AC) Emergency Access Management (EAM), which was a High Priority…
SAP HANA is being pushed by SAP as the absolute in-memory database for its products, and more recently, as a standalone platform.
SAP HANA is being pushed by SAP as the absolute in-memory database for its products, and more recently, as a standalone platform.

Threat Reports

Stay informed on the latest threats to the ERP landscape and get the information you need to help mitigate those threats.

All Threat Reports
10KBLAZEProtection from a Cyber Exploit Wi
How are organizations truly managing cybersecurity risks in their Oracle E-Business Suite ecosystem?
Recent research from Onapsis and Digital Shadows provides evidence of how cybercriminals target and exploit SAP and Oracle ERP applications.

Blog

Check out the blog often for the most timely updates, tips and trends relating to ERP security.

All Blog Posts
BLOG
Oracle’s July 2019 CPU Patches Three Critical Vulnerabilities in E-Business Suite Reported by Onapsis
Posted 07/16/2019 by Christian Simko, Gaston Traberg, Martin Doyhenard, Michael Miller, Sebastian Bortnik
BLOG
SAP Security Notes July ‘19: Critical Vulnerability Affecting Solution Manager
Posted 07/09/2019 by Agustin Dendarys
BLOG
Cyber Weakness and the Impact on the Economy
Posted 06/25/2019 by Christian Simko

Further
Reading

Want a more in-depth exploration? Start with these related pieces, then visit our Resources page for more.

All resources

Request a
Business Risk Illustration

Examine the operational risk and cybersecurity posture of your business-critical applications to determine the potential impact of sub-optimal application performance, unplanned downtime and an attack on your organization’s ERP platforms.

Engage