IBM X-Force Red Adds Onapsis to Uncover Critical Vulnerabilities
Onapsis ERP technology will help IBM identify exploitable vulnerabilities in business-critical applications like SAP and Oracle.
February 28, 2019
PRESS RELEASE
Boston, MA - February 28, 2019 - Onapsis, the global leaders in ERP cybersecurity and compliance, today announced IBM Security’s team of veteran hackers, X-Force Red, will use its ERP technology to help organizations identify exploitable vulnerabilities in their business-critical applications. X-Force Red will use Onapsis’ ERP technology when performing vulnerability assessments and penetration testing against SAP and Oracle applications to help quickly uncover known and unknown vulnerabilities.
Customers can access X-Force Red’s services through the X-Force Red Portal, the team’s cloud-based communications and collaboration platform. Using the X-Force Red Portal, customers can sign up for tests and assessments, check their status, view findings as they are uncovered, view remediation recommendations, and communicate directly with X-Force Red testers, eliminating time-consuming back and forth and the manual sharing of spreadsheets.
“We are very excited to be a part of X-Force Red’s vulnerability assessment offering. In the face of explosive growth in attacks to ERP systems, as evidenced by the US Department of Homeland Security releasing two critical alerts in the past three years, organizations have realized they must incorporate ERP continuous vulnerability assessment and monitoring into their security programs. With Onapsis’ patented ERP cybersecurity technology, combined with X-Force Red’s security expertise and attacker mindset, organizations can now quickly understand their security posture, and receive actionable information on how to ensure the core of their business is secure,” said Mariano Nunez, CEO and Co-founder, Onapsis Inc.
“SAP and Oracle ERP are applications that many organizations use for sensitive business processes,” said Charles Henderson, Global Partner and Head of X-Force Red. “Because of their importance and the kind of data they hold, it is crucial these applications are scanned and tested continuously so that critical vulnerabilities can be remediated before attackers find them. Our collaboration with Onapsis will make that mission come to fruition.”
X-Force Red delivers vulnerability assessment and security testing programs that focus on uncovering vulnerabilities across applications, hardware, personnel, internet-connected devices, networks, cars, ATMs, blockchain and just about everything else. The team is comprised of veteran hackers who apply the same tools, techniques, practices and mindset as attackers, uncovering exploitable vulnerabilities that may lead criminals to the crowned jewels.
This collaboration further highlights Onapsis’ increased effort on growing the global ERP security partner ecosystem. Onapsis also works closely with the IBM Security Services group for protecting, continuous monitoring, addressing compliance and enabling cloud migrations of some of the world’s largest organizations.
About Onapsis
Onapsis cybersecurity solutions automate the monitoring and protection of your SAP and Oracle applications, keeping them compliant and safe from insider and outsider threats. As the proven market leader, global enterprises trust Onapsis to protect the essential information and processes that run their businesses.
Headquartered in Boston, MA, Onapsis serves over 200 customers including many of the Global 2000. Onapsis's solutions are also the de-facto standard for leading consulting and audit firms such as Accenture, Deloitte, E&Y, IBM, KPMG and PwC.
Onapsis solutions include the Onapsis Security Platform™, which is the most widely-used SAP-certified cybersecurity solution on the market. Unlike generic security products, Onapsis's context-aware solutions deliver both preventative vulnerability and compliance controls, as well as real-time detection and incident response capabilities to reduce risks affecting critical business processes and data. Through open interfaces, the platform can be integrated with leading SIEM, GRC and network security products, seamlessly incorporating enterprise applications into existing vulnerability, risk and incident response management programs.
These solutions are powered by the Onapsis Research Labs, who continuously provide leading intelligence on security threats affecting SAP and Oracle enterprise applications. Experts at the Onapsis Research Labs were the first to lecture on SAP cyberattacks and have uncovered and helped fix hundreds of security vulnerabilities to-date affecting SAP Business Suite, SAP HANA, SAP Cloud and SAP Mobile applications, as well as Oracle JD Edwards and Oracle E-Business Suite platforms. Onapsis has been issued U.S. Patent No. 9,009,837 entitled “Automated Security Assessment of Business-Critical Systems and Applications,” which describes certain algorithms and capabilities behind the technology powering the Onapsis Security Platform™. This patented technology is well known, industry wide, and has gained Onapsis recognition on the Deloitte Technology Top 500, as a Red Herring North America Top 100 company and a SINET 16 Innovator.
For more information, please visit www.onapsis.com, or connect with us on Twitter, Google+, or LinkedIn.
Onapsis and Onapsis Research Labs are registered trademarks of Onapsis, Inc. All other company or product names may be the registered trademarks of their respective owners.
You May Also Like