Onapsis Expands SAP Security Platform With New Tools for a Record Year of Attacks

SAP systems—the lifeblood of finance, logistics, and operations for thousands of global enterprises—are facing a wave of unprecedented attacks in 2025. Onapsis, a Boston-based firm specializing in SAP security and compliance, is responding with a slate of new capabilities designed to give defenders sharper visibility and faster control over critical business applications.

The company unveiled three new features to its platform: the SAP Notes Command Center, Rapid Controls for Dangerous Exploits, and Alert on Anything for SAP Business Technology Platform (BTP). Alongside these, an expanded coverage module in its Security Advisor promises to shine a light on assets enterprises may not even realize are exposed.

Targeting Pain Points in SAP Defense

The updates zero in on some of the most persistent headaches in SAP security: endless false positives, delayed patch validation, and the difficulty of prioritizing risks across sprawling enterprise environments.

“This is a pivotal time in SAP security. Organizations no longer have the time to spend sorting through false positives or wondering if a patch is applied correctly; instead, they need security solutions that are customizable to their business and attack surface,” said Mariano Nunez, CEO of Onapsis. “The new capabilities in our Assess and Defend products, as well as the expansion of our platform, provide our customers with the technologies they need to keep ahead of sophisticated threat actors, protect their most valuable data, and achieve business resilience.”

The SAP Notes Command Center introduces a centralized dashboard for managing patch cycles. By automating patch validation—including manual workarounds—it aims to help administrators confirm fixes actually stick, a longstanding weak point in SAP operations.

The Rapid Controls module leverages detection rules to guard against the most severe vulnerabilities in real time. With regulatory pressure rising under frameworks like the EU’s NIS2 Directive and new U.S. SEC rules, proactive exploit monitoring could be a compliance game-changer.

And for organizations building on SAP BTP, the new Alert on Anything capability enables custom monitoring tailored to each company’s workflows and threat models.

Closing Gaps in Coverage

Onapsis is also expanding its Security Advisor with coverage analysis that identifies unmonitored assets across a company’s SAP landscape. This move highlights a growing concern: many enterprises run vast SAP estates without realizing that some critical systems fall outside their active monitoring strategy.

“Onapsis’ unique insights and unmatched data set put us at the forefront of application security,” said Sadik Al-Abdulla, Chief Product Officer at Onapsis. “With the launch of these new enhancements, organizations are able to take control of their SAP security by proactively addressing any vulnerabilities and automatically identifying assets that aren’t protected in their security landscape but could weaken or cause disruption to their SAP applications.”

Industry Context

The timing of these updates reflects a turbulent year for SAP customers. Researchers have tracked a record volume of exploit attempts targeting ERP and other business-critical systems, with attackers increasingly zeroing in on supply chain vulnerabilities and authentication bypasses. The stakes are high: a breach in SAP often means direct exposure of financial records, employee data, and operational blueprints.

By emphasizing automation, contextual insights, and customization, Onapsis is positioning its platform as a counterweight to both regulatory demands and adversaries’ evolving tactics. The new capabilities will roll out in late September 2025, with availability through direct sales and integration partners.