Onapsis Enhances SAP Security with New Capabilities: Intelligent Patches, Fast Controls, and Expanded Coverage on SAP BTP

Cybersecurity in SAP environments is facing a critical moment: attacks against essential business applications are reaching record numbers this year, and thousands of organizations have suffered incidents in their most sensitive systems. In this context, Onapsis, a global leader in cybersecurity and compliance for SAP, has announced significant updates to its platform, featuring three key innovations:

  • SAP Notes Command Center, a control hub to anticipate and validate patches.
  • Rapid Controls, quick measures against dangerous exploits.
  • Alert on Anything for SAP Business Technology Platform (BTP), which expands threat monitoring capabilities.

This is complemented by an enhancement of the Onapsis Security Advisor, which broadens coverage analysis to uncover unmonitored assets. According to the company, the goal is clear: give organizations greater visibility, automation, and confidence to stay ahead of attackers.


The urgency of securing SAP amidst a wave of attacks

SAP applications manage critical business processes across thousands of companies, from payroll and finance to supply chain. Their exploitation has become a priority for cybercriminal groups and state actors aware of the immense value of the data.

Mariano Núñez, CEO of Onapsis, expressed this decisively:

“Organizations no longer have time to classify false positives or doubt whether a patch was applied correctly. They need security solutions tailored to their business and attack surface. With these capabilities, we provide the technology that will enable them to proactively combat sophisticated threats, protect their most valuable data, and ensure business resilience.”


Highlights of the Onapsis Platform updates

1. SAP Notes Command Center

Available within the Assess module, this new dashboard helps to anticipate SAP “patch days”, prioritize tasks, and gain more context on each SAP Note application.

Key features include:

  • Eliminating false positives and reducing the risk of undetected vulnerabilities.
  • Automatically validating that patches, including manual configurations or workarounds, have been correctly applied.
  • Saving time in patch management and increasing confidence in regulatory compliance.

2. Rapid Controls for critical exploits

Built on Defend’s exclusive exploit detection rules, Rapid Controls allows:

  • Monitoring malicious activity against the most dangerous SAP vulnerabilities.
  • Proactively responding before an exploit causes an incident.
  • Supporting compliance with regulations such as the European NIS2 directive or the SEC standards in the US.

3. Alert on Anything for SAP BTP

This new feature enhances cloud security flexibility in SAP:

  • Enabling custom alerts tailored to different use cases.
  • Improving monitoring of the Business Technology Platform, increasingly adopted in hybrid environments.
  • Easing the integration of security into specific business processes.

4. Expansion of the Onapsis Security Advisor

The tool now automatically identifies assets within the SAP environment that are not being monitored. This increases visibility and reduces the risk of critical systems being overlooked and becoming entry points for attackers.


Product perspective: end-to-end visibility and control

For Sadik Al-Abdulla, Onapsis Product Director, these improvements mark a turning point:

“With these releases, organizations take control of their SAP security by proactively addressing vulnerabilities and detecting unprotected assets that could weaken or disrupt their critical applications.”

The enhancement of capabilities in Assess (assessment) and Defend (active defense) aims to deliver a 360° view of security, from patch management to real-time threat detection.


Availability and next steps

The new capabilities will be available by the end of September 2025. The company will provide further details on pricing and deployment through its authorized sales representatives and system integrators.


Onapsis: a benchmark in SAP cybersecurity

Onapsis is the most widely supported SAP solution on the market for protecting its applications, whether in S/4HANA Cloud, RISE with SAP or in hybrid architectures. Its platform combines:

  • Automated compliance.
  • Vulnerability management.
  • Threat detection.
  • Secure application development.

Backed by the Onapsis Research Labs, considered the leading cybersecurity research group for SAP, the company has established itself as a trusted partner for organizations seeking rapid innovation without compromising their assets.


Conclusion

The new features introduced by Onapsis arrive at a pivotal moment for enterprise cybersecurity. Growing digitalization, evolving global regulations, and the increasing sophistication of cyberattacks demand tight control over platforms like SAP.

With SAP Notes Command Center, Rapid Controls, and expanded capabilities in BTP and Security Advisor, Onapsis offers a solution that reduces uncertainty, automates critical tasks, and closes visibility gaps that attackers often exploit.

In a market where every minute of downtime can cost millions, these improvements represent a step forward toward the operational resilience and regulatory security that companies require.


Frequently Asked Questions

What is Onapsis’s SAP Notes Command Center?
A new dashboard in the Onapsis platform that helps prioritize, apply, and validate SAP patches, eliminating false positives and reducing the risk of unpatched vulnerabilities.

How do Rapid Controls work against dangerous exploits?
They are proactive detection and control rules that monitor exploitation attempts of critical SAP vulnerabilities, allowing response before incidents occur and aiding regulatory compliance such as NIS2 or SEC rules.

What does Alert on Anything for SAP BTP add?
It enables customized threat monitoring in SAP BTP, tailoring security controls for various use cases and providing greater flexibility in hybrid and cloud environments.

Why is expanded coverage analysis important in Onapsis Security Advisor?
Because it automatically identifies unmonitored SAP systems, preventing security blind spots and reducing the risk that critical assets are exploited without detection.

via: onapsis

Scroll to Top