Security

Google Cloud has acquired cybersecurity platform Wiz for $32 billion, aiming to enhance security technology and scalability across multi-cloud environments.

Dell Technologies and Microsoft are enhancing AI adoption to protect data and improve cybersecurity for multicloud environments.

Onapsis CEO Mariano Nunez talks about the importance of cybersecurity in today's ERP landscape, shared security responsibility, and why it is vital to embed security from the start.

Signify enhanced efficiency and quality control across over 100 company codes by utilizing Aico’s modules, achieving a 99.9% success rate in journal management, real-time reporting with 15-second dashboard refresh rates, a 30% reduction in obsolete tasks, an increase of 250-350 additional reconciliations per company code, and a jump to 58% automation in BSAR sign-offs.

Cyberattacks on utility companies are increasingly targeting vulnerabilities in SAP applications, posing significant financial and operational risks, with the average cost of a data breach reaching $4.72 million. The energy sector, with its sensitive enterprise resource planning (ERP) systems like SAP, is particularly attractive to cybercriminals. Despite this, many utility companies struggle to allocate adequate resources for security, especially amid ongoing digital transformation efforts. The consequences of such attacks can be severe, leading to business disruptions, power or water outages, and the theft of customer data. To address these challenges, Onapsis, a leader in business application security, has partnered with Snohomish County Public Utility District (SNOPUD) to enhance SAP security through its Connect Up initiative, aimed at upgrading meters across homes and businesses. This collaboration leverages Onapsis' threat intelligence and automated vulnerability remediation to safeguard SNOPUD's critical systems and customer data, supporting a security-first approach as the utility modernizes its operations.

This article discusses the use of hashing for password security in SAP systems, explaining how hashes are stored, methods for cracking them using tools like JohnTheRipper and Hashcat, and emphasizes the importance of addressing weak hashes and deactivating downward compatibility to enhance data protection.

Remote Function Call (RFC) is a proprietary framework and network protocol used as a key pillar for data exchange in SAP landscapes. For network communications based upon the RFC framework, connection information needs to be configured and stored on the...

Onapsis Research Labs detailed a security breach where an SAP system was compromised, transformed into a command and control bot through a vulnerability, and used to launch a distributed denial of service attack via Cloudflare.

THE IMPORTANCE OF SAP SECURITY Simple steps to educate yourself, your team, your executive management, and the board of directors. SAP S/4HANA & DIGITAL TRANSFORMATION Best practices to securely navigate your SAP S/AHANA journey. AUTOMATION, EFFICIENCY & AGILITY FOR APPLICATION...

Onapsis and Flashpoint released a report detailing how cybercriminals are increasingly discussing and targeting SAP applications.

New Intelligence to Protect SAP from Ransomware and Data Breaches, Onapsis and Flashpoint have joined forces to level the playfield, revealing how threat actors are attacking SAP applications. Download our report or listen to our recent webinar

Onapsis Assess - Complete ERP Attack Surface Management. Discover vulnerabilities across your critical ERP application landscape and get the risk-based guidance you need to better prioritize and respond faster to issues posing the greatest threats to your business.

Onapsis Secure RISE Accelerator lowers risk and reduces security and compliance obstacles in RISE projects by delivering a proven SAP security framework that helps you make better-informed, faster security decisions, narrow the scope for an optimized secure-by-design go-live, and de risks the threat of costly project delays with expert guidance and automation technology that reduces manual efforts and costs.

SonicWall's 2025 Cyber Threat Report reveals a rapidly evolving cyber threat landscape, particularly targeting small and medium businesses (SMBs), with alarming increases in Business Email Compromise incidents, sophisticated attack tactics, and the urgent need for proactive security measures such as real-time patching and enhanced user training.

CrowdStrike is enhancing Oracle Cloud Infrastructure by integrating its Falcon Cloud Security platform to provide unified protection, streamline compliance, and empower organizations to effectively address evolving threats and vulnerabilities in their cloud environments.

As the only cybersecurity and compliance Endorsed App from SAP, Onapsis protects the business applications that run the global economy. The Onapsis Platform delivers vulnerability management, change assurance, and continuous compliance for business applications from leading vendors such as SAP, Oracle, and others. Our solutions are powered by Onapsis Research Labs, the team responsible for the discovery and mitigation of more than 1,000 zero-day vulnerabilities in business applications. Trusted by 30% of the Forbes Global 100, we are the market leader to accelerate your SAP initiatives securely.

The rapid growth of generative AI tools like DeepSeek presents significant data security risks for organizations, necessitating enhanced protective measures such as Mimecast's Incydr platform to safeguard intellectual property while promoting safe and effective AI adoption.

de Novo Solutions has successfully achieved re-accreditation of the Cyber Essentials Plus certification, underscoring its commitment to robust cybersecurity and data protection across its operations in the Finance, Procurement, HR, and Payroll sectors amidst rising cyber threats.

Deep Instinct's DSX for Cloud – Amazon FSx NetApp employs advanced AI-driven technology to deliver comprehensive, real-time security against zero-day attacks, ensuring data integrity and operational efficiency for organizations managing hybrid environments.

NTT DATA's Japan operations have achieved the Okta 'Workforce Identity Cloud Service Delivery Specialization,' affirming its expertise in cybersecurity and commitment to enhancing identity and access management services amidst increasing cyber threats.

Oracle has partnered with AI-driven information intelligence leader Adarga to deploy its Vantage software on Oracle Cloud Infrastructure, enhancing defence and security operations in the UK by enabling rapid data extraction and analysis from millions of sources, while adhering to national security and sovereignty requirements.

AI-powered data security platform company Cohesity this month announced it has expanded the Cohesity Cyber Event Response Team (CERT) service to include partnerships with a number of incident response (IR) vendors.  The team says that by partnering with IR vendors...

Accenture has launched an enhanced suite of generative AI-powered cybersecurity services to help organizations strengthen their defenses against evolving cyber threats, emphasizing a tailored and proactive approach to tackle industry-specific vulnerabilities.

This article highlights common mistakes in configuring NetSuite security, such as over-extending the Administrator role, misunderstanding global permissions, and ignoring configuration settings, while providing best practices to mitigate risks and enhance security.

The article emphasizes the critical need for robust identity security in business applications to protect sensitive data, highlighting challenges like managing excessive permissions, credential management, and the risks of overprovisioned access, while advocating for integrated Identity Governance and Administration solutions to streamline access management and mitigate these risks.

As Oracle prepares to end GRC support by May 2025, companies must evaluate their options, including continuing with limited support, shifting to manual processes, or adopting third-party solutions like Fastpath's GRC module, to maintain effective internal controls and compliance.

Third-party support specialists like Spinnaker Support offer businesses enhanced software support, including cybersecurity solutions like Spinnaker Shield, which can help organizations manage compliance, security, and legacy technology without being tied to vendor-imposed restrictions.