With the Onapsis Agentic Gateway, organizations gain a standardized interface that allows authorized AI agents to access SAP security telemetry directly. The platform leverages the Model Context Protocol (MCP) and targets IT, security, and SAP teams looking to automate security-related processes more extensively.
SAP systems form the operational backbone of many organizations – and are equally frequent targets of cyberattacks. Until now, security analyses for these systems were largely confined to specialized tools with limited integration into broader IT environments. Onapsis addresses this gap with a new platform capability.
The Onapsis Agentic Gateway connects SAP security telemetry to external AI agents using the Model Context Protocol (MCP), an open standard enabling different AI systems to access external data sources. Supported agents include Microsoft Copilot, Anthropic Claude, Google Gemini, OpenAI ChatGPT, and custom-built agents.
Natural Language Queries Replace Specialized Skills
A key feature of the new capability is support for Natural Language Queries (NLQ). Teams can retrieve security and compliance information within existing AI platforms, SOC environments, and business AI applications without needing to learn specialized query languages.
The platform also enables the automation of complex processes – such as identifying critical vulnerabilities in S/4HANA systems and generating remediation plans automatically. Another component is the matching of an organization’s SAP landscape against current findings from the Onapsis Research Labs, enabling early identification of risks from emerging zero-day threats.
Data Privacy and Control Remain Central
Onapsis emphasizes that the new features were developed with security and privacy requirements in mind. SAP metadata is protected throughout, and AI agent access is restricted to authorized channels only. Mariano Nunez, CEO and co-founder of Onapsis, frames the approach as a shift away from isolated SAP security thinking. Risk analyses for SAP systems, he argues, should integrate directly into agent-based workflows – not merely as a data access layer, but as an active component of automated processes.
Context and Outlook
Onapsis’s move follows a broader market trend: AI agents are increasingly embedded in enterprise infrastructure to handle repetitive tasks and accelerate decision-making. In the security domain, this means that analyses previously requiring specialized human expertise can now be partially automated.
Onapsis, which is recommended by SAP, positions the Agentic Gateway as a bridge between SAP-specific threat intelligence and enterprise-wide AI infrastructure. Detailed availability timelines for the announced features had not been disclosed at the time of publication.
Dr. Jakob Jung is Editor-in-Chief of Security Storage and Channel Germany. He has been working in IT journalism for more than 20 years. His career includes Computer Reseller News, Heise Resale, Informationweek, Techtarget (storage and data center) and ChannelBiz. He also freelances for numerous IT publications, including Computerwoche, Channelpartner, IT-Business, Storage-Insider and ZDnet. His main topics are channel, storage, security, data center, ERP and CRM.
Contact via Mail: jakob.jung@security-storage-und-channel-germany.de