The Proposed Acquisition Will Strengthen Onapsis’s Leadership in ERP Cybersecurity, Enabling Customers to Holistically Secure Customizations of Their Cloud and On-Premise Business-Critical Applications
Onapsis, the global leaders in ERP cybersecurity and compliance, announced it has entered into a definitive agreement to acquire privately-held Virtual Forge, headquartered in Heidelberg, Germany. Onapsis’s platform is the most widely-used cybersecurity solution that protects the ERP systems and business-critical applications of the world’s largest organizations. Founded in 2006, Virtual Forge is the leading provider of solutions to automatically prevent, detect and remediate cybersecurity and compliance risks in customizations and extensions of SAP® applications. The combination of Onapsis and Virtual Forge will empower customers to have unparalleled visibility, incident response, management and compliance for business-critical applications.
“Organizations are continuously extending their cloud and on-premise ERP applications to support evolving business requirements, which introduces serious cybersecurity and compliance risks if not properly managed. With this acquisition, organizations will have one single partner and one single platform to secure and protect their SAP infrastructure, including segregation of duties, custom code analysis, vulnerability assessments, secure change management, compliance automation and continuous monitoring,” stated Mariano Nunez, CEO and Co-founder, Onapsis Inc. “We are excited to combine the unique technology, talent and domain expertise of our companies to help organizations further secure the critical applications that run their business.”
Read More: Interview With Maria Loupa, Account Director at Ballou PR
This acquisition will happen in a context where global organizations have become acutely aware of the urgent need to protect their ERP applications: in May of 2016, ERP application cybersecurity was brought to the forefront when the first ever Department of Homeland Security US-CERT alert for ERP Business Applications was released, warning organizations of cyber attacks targeting these critical applications. Since then, the trend of ERP attacks has continued to rise at an alarming rate, ranging from hacktivists and malicious insiders to cyber criminal groups and state-sponsored attacks. This is further evidenced by the second Department of Homeland Security US-CERT alert, released in July of 2018, warning of malicious cyber activity to ERP applications.
Virtual Forge’s patented solutions help secure modern extensions developed on the SAP Cloud Platform for cloud business applications, including SAP S/4HANA®, SAP C/4HANA®, SAP SuccessFactors®, SAP Ariba®, SAP Concur® and SAP Fieldglass®, as well as traditional on-premise SAP applications developed on the SAP ABAP programming language.
Read More: Interview With Sven Lubek, Managing Director at WeQ
“We are excited to join Onapsis in the shared vision of protecting the world’s business-critical applications. Together, we will have the most comprehensive technology portfolio in the industry, global scale and a strong team of over 300 experts in the ERP and cyber security domains,” stated Dr. Markus Schumacher, CEO and Co-Founder, Virtual Forge.
“As an organization faced with the daily challenge of securing critical applications, we use both Virtual Forge and Onapsis solutions. However, having separate vendors and lack of integration makes it difficult for us to manage compliance and risk holistically. With this acquisition, we and all SAP customers will now have a one-stop shop for SAP cybersecurity needs, reducing resources, time and cost; consolidating reporting and compliance demands,” stated Mario Chiock, Schlumberger Fellow and CISO Emeritus.
“As financially motivated attackers turn their attention ‘up the stack’ to the application layer, business applications such as ERP, CRM and human resources are attractive targets. We advise organizations that to properly secure business-critical ERP applications they need to breakdown their overall strategy into five core elements that encompass segregation of duties, custom code scanning, vulnerability assessment, intrusion monitoring and intrusion prevention. With these five key elements, organizations can reach a high level of maturity in securing ERP applications,” stated Neil MacDonald, Distinguished VP Analyst, Gartner1.
Read More: Interview with Scot Marcotte, Chief Technology Officer at Buck
With today’s announcement, Onapsis will continue rapid expansion into global markets, building upon Virtual Forge’s excellent international reputation. The acquisition is expected to close in the first half of 2019, subject to customary closing conditions and required regulatory approvals.
1Gartner, “Hype Cycle for Application Security, 2018” Analyst(s): Ayal Tirosh, Published: 27 July 2018, ID: G00340359.
Disclaimer
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Read More: Facebook Realigns Marketing Policy to Support New ‘Ethical AI’ Research
