Onapsis, a leading corporate cybersecurity specialist, and Exabeam, developer of a behavior-based security intelligence platform, are teaming to give corporate security teams access to vulnerability logs to defend ERP business applications from sophisticated attacks that often overwhelm legacy security systems.
Security experts will use the logs from the U.S.-based tech companies to reinforce their security incident and event management (SIEM) processes — including standard monitoring, threat detection, incident response and audit compliance.
As more large organizations lean on enterprise resource management (ERP) business management platforms like SAP and Oracle, the corporations are also facing increasingly complex cybersecurity threats from nation states including North Korea and Russia, as well as groups of hacktivists and organized cybercriminals.
ERP systems have come under new pressures from these bad actors, some of whom have launched highly targeted campaigns. But many firms are failing to update their ERP security with regular patches, despite warnings from the Homeland Security Department.
Legacy ERP Security
According to Onapsis, many companies are still relying on legacy security systems.
In the past, many of the largest breaches of ERP systems were created by attackers who used simple tactics like phishing, third parties and common vulnerabilities to gain access and then compromise the systems. But today security professionals “work in a threat environment where they face adversaries with unprecedented sophistication, persistence and technology,” says Ted Plumis, an Exabeam vice president.
The Onapsis security platform is the most widely used SAP-certified cybersecurity system on the market. Unlike generic security products, Onapsis’ context-aware system delivers both preventative vulnerability and compliance controls, along with real-time detection and incident response capabilities that reduce the risks affecting critical business processes and data.
Pool Security Resources
The joint solution from Onapsis and Exabeam creates an integrated Security Operations Center (SOC) that corporate security teams can use to monitor ERP systems for vulnerabilities as well as provide additional context for investigating security alerts. Response times to incidents also are improved considerably.
“This partnership ensures that our mutual customers can quickly identify suspicious activity and remediate threats in their environment,” says Plumis.
Exabeam’s Server Message Block (SMB) protocol providing shared file access can now import ERP vulnerability logs from Onapsis’ security platform. The data is ingested immediately through a syslog that gathers all critical vulnerabilities, misconfigurations and ERP security events detected by Onapsis. The ERP data is combined with data from other systems, modeled using behavioral analytics, and then displayed via machine-created timelines of user and device behavior.
These analytics allow for the fast detection and investigation of attacker tactics, techniques and procedures.
“With the growing trend in attacks targeting the organization’s core applications, it is imperative that security teams understand and evaluate the logs and events of their ERP systems,” says Darren Gaeta, an Onapsis vice president.
“Our partnership with Exabeam,” Gaeta says, “will allow companies to gain awareness into the security posture of their ERP business applications as it will now be fed into and displayed on their SIEM dashboard.”
Key takeaways:
- Corporate ERP platforms are facing the increased threat of hacking attacks from a range of bad actors, including other countries’ intelligence agencies.
- Vulnerabilities within corporate security systems are creating vulnerabilities for ERP software.
- The partnership between Onapsis and Exabeam creates a unified activity log, allowing security teams to monitor activity across an organization’s ERP platform at a more granular and real-time level, providing the ability to react quickly to threats.