Tuesday, May 12, 2015

Unpatched SAP apps pose security risks

Onapsis, a security firm famous for finding out security flaws in SAP applications revealed that cybercriminals usually use pivoting, portal attacks and database warehousing techniques to take control of SAP systems at the application layer. Onapsis Research Labs indicates in the assessment report which was conducted recently and declares that almost 95 percent of ERP implementations involving SAP applications are vulnerable due to lacking in proper patching results in high risk to security breaches. According to Mariano Nunez, CEO and co-founder of Onapsis, CISO should have greater visibility into their SAP applications so that they can figure out risks and provide mitigation accordingly. CISOs should also be able to detect new attack vectors and user behavior anomalies as being indicators of exploiting SAP implementations. <more>

No comments: