Threat Intelligence

3/14/2019
03:35 PM
Dark Reading
Products and Releases

Onapsis and Exabeam Partner to Bring ERP to the Security Operations Center

New Integration Improves Monitoring, Threat Detection, Incident Response and Compliance

Boston, MA – March 13 - Onapsis, the global leader in ERP cybersecurity and compliance, today announced a technology alliance and product integration with Exabeam, the Smarter SIEM™ company, to give security teams access to enterprise resource planning (ERP) vulnerability logs in their security incident and event management (SIEM) for security monitoring, threat detection, incident response and audit compliance.

Global 2000 organizations run their business on, and store their sensitive data in, ERP applications such as SAP and Oracle E-Business Suite. Nation-state threat actors, hacktivists and cybercriminals are turning their sights to these systems with targeted campaigns using technology found on the dark web. Many organizations remain vulnerable, having not updated security patches, despite warnings from DHS US-CERT to update critical patches, or because they continue to rely on legacy security approaches. In addition, a lot of the biggest breaches broke through the perimeter with phishing, third parties, or common vulnerabilities and then pivoted to compromise ERP systems.

By making business-critical ERP applications an integrated part of the Security Operations Center (SOC), organizations gain visibility and context needed to investigate and respond to incidents and comply with data-intensive regulations such as GDPR. The new joint solution integrates Onapsis and the Exabeam Security Management Platform (SMP) to allow security teams to quickly detect and respond to threats by providing them with continuous visibility of ERP vulnerabilities, additional context to investigate security alerts and the ability to quickly respond to incidents.

The new integration allows the Exabeam SMP to ingest ERP vulnerability logs from Onapsis via syslog to gather all the critical vulnerabilities, misconfigurations and ERP security events detected by Onapsis. ERP data is combined with data from other systems, modeled using behavioral analytics, and displayed in Exabeam Smart Timelines™, machine-created timelines of user and device behavior, so analysts can quickly detect and investigate attacker tactics, techniques and procedures.

“InfoSec professionals today work in a threat environment where they face adversaries with unprecedented sophistication, persistence and technology,” said Ted Plumis, VP of Worldwide Channels at Exabeam. “We are excited to work with Onapsis to deliver a streamlined security solution for ERP systems. This partnership ensures that our mutual customers can quickly identify suspicious activity and remediate threats in their environment.”

“We are excited to be onboard as a partner of Exabeam and combining our product offerings. With the growing trend in attacks targeting the organization’s core applications, it is imperative that security teams understand and evaluate the logs and events of their ERP systems. Our partnership with Exabeam will allow companies to gain awareness into the security posture of their ERP business applications as it will now be fed into and displayed on their SIEM dashboard,” said Darren Gaeta, VP of Worldwide Alliances and Channels, Onapsis Inc.

The Onapsis Security Platform™ is the most widely-used SAP-certified cybersecurity solution on the market. Unlike generic security products, Onapsis's context-aware solution delivers both preventative vulnerability and compliance controls, as well as real-time detection and incident response capabilities to reduce risks affecting critical business processes and data.

About Onapsis

Onapsis cybersecurity solutions automate the monitoring and protection of your SAP and Oracle applications, keeping them compliant and safe from insider and outsider threats. As the proven market leader, global enterprises trust Onapsis to protect the essential information and processes that run their businesses.

Headquartered in Boston, MA, Onapsis serves over 200 customers including many of the Global 2000. Onapsis's solutions are also the de facto standard for leading consulting and audit firms such as Accenture, Deloitte, E&Y, IBM, KPMG and PwC. For more information, please visit www.onapsis.com, or connect with us on Twitter, Google+, or LinkedIn.

About Exabeam

Exabeam is the Smarter SIEM™ company. We empower enterprises to detect, investigate, and respond to cyberattacks more efficiently so their security operations and insider threat teams can work smarter. Security organizations no longer have to live with excessive logging fees, missed distributed attacks and unknown threats, or manual investigations and remediation. With the Exabeam Security Management Platform, analysts can collect unlimited log data, use behavioral analytics to detect attacks, and automate incident response, both on-premises or in the cloud. Exabeam Smart Timelines™, sequences of user and device behavior created using machine learning, further reduce the time and specialization required to detect attacker tactics, techniques, and procedures. For more information, visit https://www.exabeam.com.

Exabeam, Smarter SIEM, Smart Timelines and Security Management Platform are trademarks of Exabeam, Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners. © 2019 Exabeam, Inc. All rights reserved.

 
