The business application itself represents a massive attack surface that has been overlooked by Auditing and Information Security practices, despite the fact that these threats could lead to greater business risk.
Boston, MA (PRWEB)
September 14, 2017
Onapsis, the global experts in SAP and Oracle application cybersecurity and compliance, today released “An Introduction to E-Business Suite Application Security.” As the 14th edition in the Onapsis Security In-Depth publication series, and the first focusing solely on Oracle E-Business Suite (EBS), this guide describes the steps organizations can take to secure Oracle EBS – rated in an August 2017 Ponemon Institute study of close to 600 organizations as the most, or one of the most, critical applications to the their operations.
“An Introduction to E-Business Suite Application Security” also maps how organizations can apply the 2017 Open Web Application Security Project (OWASP) Top 10 most important web application security weaknesses to Oracle EBS.
Oracle EBS runs thousands of organizations worldwide. It offers a series of modules that can be integrated with each other, creating a complete business management system which span operations such as Customer Relationship Management (CRM), Finance Management, Human Capital Management, Supply Chain Management, Procurement and many others. The complex configurations and customizations of business-critical applications like Oracle EBS introduce security concerns. Combined with a rising trend in Oracle EBS vulnerabilities, if these concerns are not mitigated properly, they are subject to cyberattacks and that could impact the confidentiality, integrity and/or availability of critical business information – at an estimated average cost of $5 million, according to Ponemon.
“Oracle security teams have typically focused on database security or configuring application roles and profiles securely. While both of these security methods are mandatory to any organization, the business application itself represents a massive attack surface that has been overlooked by Auditing and Information Security practices, despite the fact that these threats could lead to greater business risk. With this publication we hope to give Oracle EBS customers practical…