Onapsis Reviews & Insights

Score9.8 out of 10

9 Reviews and Ratings

Get a Demo

Onapsis Reviews

3 Reviews

Great tool in protecting intelligent enterprise

Rating: 9 out of 10

Incentivized

July 22, 2021

Use Cases and Deployment Scope

Onapsis is a great tool when it comes to help reduce regulatory compliance issues through an automated continuous compliance process for the IT controls related to regulations. Onapsis has a prime objective of monitoring and protecting ERP systems that have been run on Oracle or SAP platforms. The entire process contains identification, assessment and the elimination of weak points. The service also detects unauthorized charges or network-based attacks.

Pros

Eliminating the manual process improves the overall accuracy of results and also frees up valuable resources to focus on other different projects.
Onapsis provides great leverage to our technical teams in order to review in a standardized way of the landscape.
Onapsis always matches vulnerabilities with useful context and finds possible solutions.
Onapsis is usually implemented to continuously monitor, and alert us on any issues on the SAP systems. Not only this but implementing Onapsis also eliminates the network on the year-end and month-end audits and helps in making the overall process faster, smooth, efficient as well as accurate.

Cons

As far as the cons of Onapsis are concerned then Onapsis can be a little more useful if you have the option to classify or even reindex vulnerability scores based on the specific landscape.
It has a tedious setup of control management and there are no proper error messages being received on Onapsis which is a drawback for users.

Likelihood to Recommend

As a user, I would recommend Onapsis for people who are shorthanded in security or basis teams. One thing to be clear is that this is not a cheap product but still every penny counts here. If your SAP system has multiple products and connections then Onapsis is a great tool.

Kelly Cokorudy

Operations Manager at Christmas Tree Shops (5001-10,000 employees)

Vetted Review

1 year of experience

View profile

Onapsis is the red pill for SAP security, once you are aware of all the things that it analyze, you cannot ignore them anymore

Rating: 9 out of 10

Incentivized

April 30, 2021

Use Cases and Deployment Scope

In Tenaris we have used Onapsis to automatically review from a security perspective our complex SAP landscape, which include different products, with both business and technical use cases. It had mainly two different internal clients, our BASIS team for SAP Notes control, and our security architecture team for landscape hardening and vulnerability record.

Pros

Its a great leverage for our technical teams to review in a standard way all our landscape
It shows in a unified and ease to read way different and complex topics
Allways match vulnerabilties with usefull context and possible solutions

Cons

It will be usefull if you could reclasify or reindex vulnerability score based on your specific landscape
Graphic connections of the issues map will lead to a better understanding of the real impact in case of a breach and/or exploit
Not really much to add here, overall I think that is a great product

Likelihood to Recommend

It really make sense if you are short handed in security or basis team, that it is most likely to be the case, and have a complex landscape to control. Is not a cheap product, but it worth it if your SAP systems have multiple products and connections, for a single instance or low complexity scenarios, probably will result too much money for the proposed value

Verified User

Team Lead in Information Technology (10,001+ employees)

Vetted Review

2 years of experience

Onapsis - Continually Protecting the Intelligent Enterprise

Rating: 9 out of 10

Incentivized

April 6, 2021

Use Cases and Deployment Scope

Onapsis helps reduce regulatory compliance issues via an automated continuous compliance process for the IT controls related to regulations such as Sarbanes-Oxley (SOX), GDPR, PCI-DSS and others.

Eliminating this manual process improves the accuracy of results and frees up valuable resources to focus on other projects. We specifically are implementing the Onapsis Security Suite to continuously monitor, and alert us on any issues on the SAP systems.

Implementing the Onapsis Security Suite also eliminates rework on the year-end and month-end audits and helps in making the process faster, efficient and accurate, and in case there are violations in the compliances, Onapsis notifies the team via email regarding it.

Pros

Implement continuous compliance
Gain efficiencies
Reduced risk of non-compliance
Define specific audit policies
More accurate audits

Cons

Multiple UIs
No proper customization of UI log-off
Tedious setup of Control component
No proper error messages received

Likelihood to Recommend

Onapsis is divided into 4 major components,

Assess
Comply
Defend
Control

In assess, it does a whitebox and blackbox testing of the ERP systems that have been added to the Onapsis console. It highlights relevant application issues and automates the process, also provides the solutions to implement the fix.

In comply, it provides a governance on the various regulatory compliances which the firm has to follow, as well as provides a firm grip to the audit and ERP admin team.

In control, it enables a workflow of 15 pre-defined parameter values within the SAP system and helps monitor, and track the changes made to those parameters. The capabilities are to either block, or request for an approval for changes made to those parameters in addition to just monitoring them.

In defend, it goes through the SAP logs; and compares it with a pre-defined ruleset to alert the end-users via email or SIEM tool or both.

Jineshwar Panchal

Consultant in Information Technology at Deloitte AERS India Pvt Ltd (10,001+ employees)

Vetted Review

Reseller

4 years of experience

Loading Reviews List....