Onapsis Platform Boosts SAP Security and Visibility
▼ Summary
– Onapsis has enhanced its security platform with new integrations for SAP CI/CD, Git repositories, and SAP Transport Management System to secure development and cloud ERP environments.
– The updates expand support for SAP Web Dispatcher and SAP Cloud Connector, providing comprehensive cybersecurity coverage from development to production systems.
– Threat intelligence reveals a 400% increase in ransomware attacks on SAP applications and new cloud deployments being targeted within three hours of going live.
– New capabilities include automated code scanning, vulnerability checks for SAP Web Dispatcher, and monitoring for SAP Cloud Connector to enforce security policies.
– These enhancements help organizations automate security, identify risks early, and protect mission-critical SAP data across on-premises, hybrid, and cloud deployments.
A significant upgrade to the Onapsis Control platform delivers enhanced security and visibility for SAP and cloud ERP application environments. These improvements integrate directly with SAP Continuous Integration and Delivery pipelines, broaden Git repository compatibility to protect more stored code, and fortify workflow connections with the SAP Transport Management System. The platform now also extends its protective reach to include SAP Web Dispatcher and SAP Cloud Connector, offering customers a unified security solution that automates compliance verification, identifies potential risks sooner, and strengthens defenses across the entire SAP infrastructure.
The urgency for these security enhancements is underscored by recent threat intelligence. Over the past three years, the window for exploiting SAP vulnerabilities has narrowed dramatically. Simultaneously, ransomware campaigns focusing on SAP applications have surged by an alarming 400%. Research indicates that new SAP applications hosted in the cloud are frequently targeted by attackers in less than three hours after becoming active. Given that the vast majority of enterprises classify their SAP data as mission-critical, securing these environments, whether on-premises, hybrid, or within RISE with SAP deployments, has become a paramount business priority.
To combat these escalating threats, the latest Onapsis platform updates for Q4 2025 embed automated security controls directly into development workflows. Key new capabilities provide a multi-layered defense strategy.
A major advancement is the new SAP CI/CD integration, which now includes coverage for the SAP Business Technology Platform. This allows for automated, continuous security and compliance scanning throughout the entire software development lifecycle, safeguarding organizations as they expand their SAP footprint in the cloud.
Expanded Git repository coverage now incorporates support for gCTS and Bitbucket. This enhancement allows development teams to scan code much earlier in the process, enforcing stringent quality and security standards before code progresses further.
The platform introduces an SAP TMS approval workflow that automatically scans transport requests before they are approved for production. This empowers security teams to block any transport that contains critical vulnerabilities, preventing them from reaching live systems.
For improved threat visibility, Onapsis Assess now features dedicated support for SAP Web Dispatcher. It performs specialized vulnerability scans and security checks on this crucial web gateway, which is often one of the most exposed entry points for SAP applications.
Within the Onapsis Defend product, new monitoring for the SAP Cloud Connector generates immediate alerts for critical configuration changes. This helps prevent violations of security policies and reduces risk to this essential component.
Defend also gains increased flexibility with the ability to alert on any activity for HANA and JAVA assets. Customers can now customize and expand their monitoring beyond the platform’s pre-built detection rules, tailoring alerts to meet their organization’s specific security and compliance requirements.
Mariano Nunez, CEO of Onapsis, commented on the aggressive nature of modern cyber threats. “Recent attacks on critical SAP vulnerabilities demonstrate the speed at which threat actors will move against business-critical applications once a weakness is found,” he stated. He emphasized that defenders of complex SAP environments face immense pressure, making it essential to move beyond native tools, manual processes, and reactive security. “Organizations require proactive security built into every stage of development, enabling a secure journey from development to production. Onapsis provides security that adapts alongside your SAP environments and cloud transformations.”
Sadik Al-Abdulla, CPO at Onapsis, highlighted the company’s unique market position. “No other vendor provides such comprehensive security for SAP landscapes. As the only SAP-endorsed security partner offering protection across development, transport, and runtime, we empower customers to achieve both operational speed and robust security without compromise,” he said. “With the rapid adoption of RISE with SAP and SAP BTP, businesses need cloud-ready cybersecurity for SAP, powered by deep threat research, to defend against the sophisticated attackers currently targeting vulnerable SAP cloud deployments.”
(Source: HelpNet Security)