Onapsis to Confront Escalating SAP Security Risks at SAPinsider 2026

BOSTON, MA – March 05, 2026 – As the global SAP community prepares to gather in Las Vegas, cybersecurity leader Onapsis is poised to take center stage, addressing the escalating threats to the mission-critical systems that power the world's largest enterprises. The company’s premier sponsorship of SAPinsider Las Vegas 2026, from March 16-19, comes at a critical time when the rapid adoption of AI and cloud technologies has created what many experts describe as a perfect storm of risk for SAP environments.

Onapsis, a firm specializing in SAP security and compliance, will lead a series of high-profile discussions, including a mainstage keynote panel, aimed at defining a new, more resilient security framework for the modern enterprise. The focus is a direct response to a dramatic shift in the threat landscape that has left many organizations struggling to protect their most valuable data and processes.

A Perfect Storm of Threats for SAP Users

The urgency of the conversation is underscored by alarming industry data. Recent analysis reveals a staggering 400% increase in ransomware incidents since 2021 where SAP systems and data were compromised. Furthermore, threat intelligence indicates a massive 490% surge in conversations about SAP vulnerabilities and exploits across the open, deep, and dark web over the last two years. This heightened chatter from malicious actors demonstrates a clear and growing focus on enterprise resource planning (ERP) systems.

Security researchers have consistently warned that the speed of attacks is accelerating. Critical SAP vulnerabilities are often weaponized by attackers within 72 hours of a patch being released, leaving a dangerously narrow window for IT teams to respond. The problem is compounded in the cloud; new, unprotected SAP applications provisioned in public cloud environments can be discovered and compromised by automated scanners in less than three hours.

This new reality challenges traditional security postures. As companies migrate to S/4HANA and embrace hybrid models like RISE with SAP, the security perimeter has dissolved, creating a complex, interconnected ecosystem that is difficult to monitor and defend with legacy tools. The integration of AI further complicates matters, introducing new potential attack vectors while also offering opportunities for more intelligent defense.

Forging a New Architecture of Intelligence

At the heart of Onapsis's presence at SAPinsider is a mainstage panel keynote titled, "The New Architecture of Intelligence: Securing and Connecting the Future SAP Ecosystem." The session, scheduled for March 17, brings together a formidable lineup of industry leaders to dissect these challenges. Onapsis CEO and Co-Founder Mariano Nunez will be joined by Steve Lucas, Chairman and CEO of integration giant Boomi; Wael ElKabbany, a Microsoft Vice President overseeing SAP product and data management; and Steve Birgfeld, VP of Information Technology at Blue Diamond Growers, representing the crucial customer perspective.

The composition of the panel itself tells a story about the future of SAP security. It is no longer a siloed IT function but a collaborative effort requiring alignment between the security provider (Onapsis), the cloud infrastructure host (Microsoft), the integration platform (Boomi), and the enterprise customer (Blue Diamond Growers). The discussion is expected to explore how organizations can build a resilient foundation for their SAP applications at the intersection of AI, cloud transformation, and cybersecurity.

"The rapid evolution of AI and the shift toward the cloud have fundamentally changed the SAP security perimeter," stated Mariano Nunez in the company's announcement. "We are excited to demonstrate how the Onapsis Platform provides the visibility and automated protection required to secure these complex, intelligent ecosystems."

From Theory to Practice: Real-World Defense Strategies

Beyond the strategic mainstage discussion, Onapsis is grounding its message in practical application through a series of deep-dive sessions and customer case studies. The company aims to provide attendees with a comprehensive blueprint for modernizing their SAP security programs, moving from high-level theory to actionable, real-world defense tactics.

A key highlight will be a case study session featuring Siemens Healthineers, a global leader in medical technology. Onapsis’ Ashlee Fisher and Siemens Healthineers’ Nagarajan Nallaiah will detail the development of a centralized, scalable security platform that provides unified visibility across both on-premises and cloud SAP services. The project's success has earned the two companies a finalist nomination for the 2026 SAPinsider Awards in the prestigious Cybersecurity Project of the Year category, a significant validation of their innovative approach.

Another session will feature Anand Kotti of aerospace and defense conglomerate RTX, who will join Mariano Nunez to discuss the journey of creating a unified enterprise risk strategy for their mission-critical SAP systems. This presentation will offer insights into how large, complex organizations can achieve real-time visibility into their SAP landscape to proactively manage risk.

For attendees seeking hands-on knowledge, Onapsis CTO and co-author of the SAP Press bestseller “Cybersecurity for SAP,” Juan Perez-Etchegoyen, will lead an intensive two-part pre-conference session. This deep dive is designed to educate SAP professionals on understanding and preventing real-world attacks, leveraging intelligence gathered by the renowned Onapsis Research Labs.

The Onapsis Arsenal: A Platform Built for Modern SAP

Underpinning the company's thought leadership is the Onapsis Platform, a suite of tools endorsed by SAP itself. The platform is engineered to provide comprehensive security and compliance across the entire SAP stack, including RISE with SAP, S/4HANA, and hybrid environments. It is structured around three core pillars: Assess, Defend, and Control.

Onapsis Assess focuses on vulnerability management, giving organizations deep visibility into their SAP landscape to identify, prioritize, and remediate risks in standard and custom code. Onapsis Defend provides continuous threat monitoring, detecting suspicious activity and protecting against exploits, including zero-day threats identified by the Onapsis Research Labs. Finally, Onapsis Control integrates security into the development lifecycle (DevSecOps), allowing teams to scan code for vulnerabilities before it moves into production.

This integrated approach is designed to provide a single source of truth for both cybersecurity and SAP teams, who have historically operated in separate silos. By providing automated analysis and risk-prioritized alerts, the platform aims to help enterprises proactively prevent breaches, accelerate audits, and respond more effectively to threats in an increasingly complex and dangerous digital world.