Security company builds intrusion detection system for SAP

The product, Onapsis IPS, is a set of signatures for IPS appliances tuned to detect SAP exploits

Security company Onapsis released on Wednesday a product that allows intrusion detection systems to recognize attacks against SAP applications holding critical financial and business data.

The product, called Onapsis IPS, is a collection of signatures, or tell-tale signs that a hacker may be trying to exploit an SAP system, said Mariano Nunez, CEO of Onapsis, headquartered in Boston. Onapsis conducts penetration testing and vulnerability assessment for SAP software.

Large enterprises use SAP's ERP (enterprise resource planning) and CRM (customer relationship management) software to manage payroll, invoices and supply chains, forming a central part of how a business is electronically managed. The applications handle very sensitive information.

In the last few years, SAP software has come under increasing scrutiny from security researchers and hackers, Nunez said. SAP has been releasing around 60 patches a month for its systems and has released more than 2,000 security patches since 2010.

The number of patches poses a problem for system administrators, who often must shut down the software and test it to make sure the patches work. It's complicated work that takes a long time.

"Many organizations don't apply SAP security patches promptly," Nunez said. "Some of them do not even apply them at all."

The time between when an attack becomes public and when the patch is applied is an open window in which hackers could successfully attack. Although many companies have intrusion protection or detection systems (IPS/IDS), those systems are not tuned to detect SAP attacks.

To solve that problem, Onapsis has developed Snort signatures, which can be imported into most IPS/IDS appliances on the market. Onapsis thought it was better to write signatures than to build a separate appliance, Nunez said.

Once the signatures are imported, administrators can then decide whether they want to stop an attack or be sent an alert when one is under way, Nunez said. SAP attacks are rarely publicized widely, which has led to lower awareness among enterprises, even though a breach could have a significant impact on their business if data were compromised.

"What we found is many organizations told us they have never been hacked but they don't have any security auditing feature enabled," Nunez said. "The only truth is they really don't know. The fact they have never seen any alerts really doesn't mean it is not happening."

Onapsis IPS will be sold as an annual subscription, with new signatures sent monthly, Nunez said. The price is based on the number of IP addresses connected to the SAP software, he said.

Among the company's other products is X1, a tool that will allow companies to test their ERP (enterprise resource planning) software for vulnerabilities and will show how those problems could reveal critical business information and how to fix them.

Send news tips and comments to jeremy_kirk@idg.com

Jeremy Kirk

IDG News Service