Onapsis, a leading corporate cybersecurity specialist, and Exabeam, developer of a behavior-based security intelligence platform, are teaming to give corporate security teams access to vulnerability logs toÂ defend ERP business applicationsÂ from sophisticated attacks that often overwhelm legacy security systems.
SecurityÂ experts will useÂ the logs from the U.S.-based tech companies to reinforce their security incident and event management (SIEM) processes â€” including standard monitoring, threat detection, incident response and audit compliance.
As more large organizations lean on enterprise resource management (ERP) business management platforms like SAP and Oracle, the corporations are also facing increasingly complex cybersecurity threats from nation states includingÂ North KoreaOpens a new window andÂ RussiaOpens a new window , as well asÂ groups of hacktivists and organized cybercriminals.
ERP systems have come under new pressures from these bad actors, some of whom have launchedÂ highly targeted campaigns. ButÂ many firms are failing to update their ERP securityÂ with regular patches, despite warnings from the Homeland SecurityÂ DepartmentOpens a new window .
Legacy ERP Security
According to Onapsis, many companies are still relying on legacy securityÂ systems.
In the past, many of theÂ largest breaches of ERP systems were createdÂ by attackers who usedÂ simple tactics like phishing, third parties and common vulnerabilities to gain access and then compromise the systems. But todayÂ security professionals â€œworkÂ in a threat environment where they face adversaries with unprecedented sophistication, persistence and technology,â€ says Ted Plumis, an Exabeam vice president.
The Onapsis security platform is the most widely used SAP-certified cybersecurity system on the market. Unlike generic security products, Onapsis’ context-aware system delivers both preventative vulnerability and compliance controls, along with real-time detection and incident response capabilities that reduce the risks affecting critical business processes and data.
Pool Security Resources
The joint solution from Onapsis and Exabeam creates an integrated Security Operations Center (SOC)Opens a new window that corporate security teams can use to monitor ERP systems for vulnerabilities as well asÂ provideÂ additional context for investigating security alerts. Response times to incidents also areÂ improved considerably.
â€œThis partnership ensures that our mutual customers can quickly identify suspicious activity and remediate threats in their environment,â€ says Plumis.
Exabeam’s Server Message Block (SMB) protocol providing shared file access can now importÂ ERP vulnerability logs from Onapsis’ security platform. The data is ingested immediately throughÂ a syslog that gathers all critical vulnerabilities, misconfigurations and ERP security events detected by Onapsis. The ERP data is combined with data from other systems, modeled using behavioral analytics, and then displayed via machine-created timelines of user and device behavior.
These analytics allow for the fast detection and investigation of attacker tactics, techniques and procedures.
â€œWith the growing trend in attacks targeting the organization’s core applications, it is imperative that security teams understand and evaluate the logs and events of their ERP systems,â€ says Darren Gaeta, an Onapsis vice president.
â€œOur partnership with Exabeam,â€ Garta says, â€œwill allow companies to gain awareness into the security posture of their ERP business applications as it will now be fed into and displayed on their SIEM dashboard.â€
- Corporate ERP platforms are facing the increased threat of hackingÂ attacks from a range of bad actors, including other countries’ intelligence agencies.
- Vulnerabilities within corporate security systems are creating vulnerabilities for ERP software.
- The partnership between Onapsis and Exabeam creates a unified activity log, allowing security teams to monitor activity across an organization’s ERP platform at a more granular and real-time level, providing the ability to reactÂ quickly to threats.