Get in Touch

  1. SAP Vulnerability Assessment
  2. Open Source Software Vuln Assessment
  3. Oracle (PeopleSoft) Vulnerability Assessment

Read more

Who We Are

The leading Applications Security consultancy helping African businesses running on Open Source Applications, SAP and PeopleSoft Enterprise applications to mitigate cyber-security risks and compliance violations using the Industry’s multi-award winning methodologies and most credible solutions.
DeltaGRiC’s niche proposition is SAP Vulnerability Assessment & Penetration Testing plus SAP Forensics and Open Source Vulnerability Assessment.


G17, PineWood Office Park,
Woodmead, Johannesburg, 2191

Get Directions


Consulting: +27 11 083 9828
Fax: 27 11 052 2801

Why us?

We Are Your Trusted Security Experts!

According to the statistics of the number of vulnerabilities in business applications, there were more than 100 vulnerabilities patched in SAP products in 2009, it grew to more than 500 in 2010. By January, 2013, there had been more than 2500 SAP security notes about vulnerabilities in various SAP components. Today, 2015, the total number of Vulnerabilities on SAP run in excess of 3300. PeopleSoft also following same trend with 0-day exploits being recorded on the increase. Read more

  • Achieve organizational improvements and transformation
  • Increase business profitability
  • Consolidate cross-functional information to increase access to data
  • Assist customers identify gaps in their security program
  • Advise customers on needed components to reduce attack surface
  • Cost optimization
  • Developing an appropriate Security strategy

Deep Knowledge of Cyber Risk on Tier 1 Enterprise Applications (SAP/PeopleSoft)

When the time came to decide on our SAP/Oracle Cyber-Security related matters, we had to talk to DeltaGRiC Consulting. Today, regulatory and compliance demands that we know our true posture. We now know what leading enterprise should know about her Cyber Risk program on SAP/PeopleSoft. Our true reality is revealed and we are proud to not just be where our policy on the books says our security posture should be,  but we are there in reality!

Multidisciplinary Team

Our multi-disciplinary global team provides a suite of security assessment services designed to help our clients understand the vulnerabilities present in their environments and determine how to best manage them. We deliver top notch services in SAP / PeopleSoft Forensics as well as SAP Security Trainings

Coverage and Expertise

They shoot off from an Applications Consultancy Background with a special niche in SAP and PeopleSoft platform Security. They still remain the first, leading and only African company servicing West Africa on SAP Forensics, SAP Vulnerability Assessment, SAP penetration testing services combining it with PeopleSoft application stack including Oracle WebLogic and Oracle Database thereby giving leading companies the confidence to securely open their systems to partners, customers and suppliers without the fear of being compromised in our ever increasingly hostile threat environment.

Partnership with Leading Security Research firm - ERPScan

As your organization ventures into the Third Platform and leverage SAP or PeopleSoft for ERP, Big Data & Analytics, Cloud, Mobility, Social Media and the Internet of Things, you can trust DeltaGRiC as our preferred partner in Africa to secure your operations with the deployment of our 360 degree solution, covering all SAP and PeopleSoft/ Oracle security areas in one product; ERPScan – the only solution in the market certified by SAP SE covering all tiers of SAP security i.e. Vulnerability Assessment, Source Code review and Segregation of Duties.

First SAP cyber security project in Africa

CIO RSSC, Swaziland
Generally, cyber threats on IT landscapes have become a boardroom topic and something to be discussed from a strategic approach. At RSSC, we make it a point of duty to take all the necessary security measures that needed to be taken on our SAP landscape as per SAP recommendations, hence, the implementation of this cybersecurity project came through at the right time to show us what we could do better and how to maintain a more formidable SAP landscape


Open Source Software Security

OSS is helping companies develop innovative products faster, cheaper, it is important to add the secure element into the matrix.

More →

let us help you gain the truly secure, cheaper and faster way of using Open Source Software (OSS) develop innovative products at your company

Enterprise Application Security

DeltaGRIC specializes in the protection of Enterprise Applications (SAP and Oracle).

More →

let us provide you with an in-depth analysis of your SAP application vulnerabilities, misconfiguration settings and Z-code program security flaws

Software Advisory

Our Software Advisory arm acts as trusted advisors to businesses of all sizes and type.

More →

Cost optimization

OSS Logistics

bg2 OSS logistics provides enterprise with Systemic control over the successful integration of open source into the development and deployment of software…. More →

SAP Penetration Testing

aboutus-img2 It goes without saying that a user with SAP_ALL can be referred to as SAP GOD. As much as direct access to the database… More →

SAP Forensics For Organisations

bg2c Every breach occurs in such a way that the attacker (s) always leaves a signature tracks behind… More →

Oracle Vulnerability Assessment

bg2d With the Largest database of Oracle PeopleSoft issues including 0-days exploits, we work with our partners – ERPScan to… More →

In-Depth Training Workshops

bg2b We offer onsite and remote trainings though our technical partners. More →

FAQ’s & Blogs

  • I already have SAP GRC, why do I need to do use DeltaGRiC services?

    SAP GRC does not highlight the Vulnerabilities in your SAP Landscape, which might have resulted from either: Mis-configuration of the system, Normal vulnerabilities in the system and or exposed services from Portals, RFC’s and or SAP routers. We take Security Seriously, hence, we go beyond the Segregation of Duties and make sure that we support your security in an end to end manner.

  • We have implemented New Generation Firewall and use a solid Endpoint Security Technology?

    Ultimately, most Endpoint do not cover security on the Application layer. Sadly, only a few SAP implementation is done in such a way that Security audit logs are enabled. In the cases where, security audit logs are enabled, it is merely done for compliance fulfillment sake. As a matter of fact, many customers and SAP partners do not enable it in the bid to avoid system performance issues which could have been avoided by proper Hardware Sizing. In Security monitoring however, even with Security Audit logs enabled, some cyber security attacks will not be easily detected. Again, policies like BYOD or integration to the cloud only increase your attack surfaces the more.

  • Why would someone attack my SAP/PeopleSoft system?

    Your SAP / PeopleSoft system holds all your business critical information – HR data, Vendor masterlist, Business Partner relationships and other interdependencies including business blue prints as the case may be for manufacturers, or credit card and financial information of eh financial services industry. In today’s Cyber world, those data could be easily be sold to the wrong hands in the dark web to the detriment of your customers, your brand and again the violation of compliance like PCI DSS, or POPI act.

  • SAP systems can never be hacked and our system is secure! Besides, we have an internal network?

    In 2014 alone, over 391 Security alerts affecting SAP was issued by SAP Security Advisories and over 46% was classified as critically high some of these vulnerabilities are: Shellshock, poodle, heartbleed and malware specifically designed to target SAP – Zombie Zero. Some of these 0day exploits have been used by Anonymous, government sponsored attacks and other Hacktivists to attack leading governments and organizations like the Greek ministry of finance, United States Investigations Services, NVIDIA The truth is that there is no such thing as internal network anymore, there are several tools in the public domain that show you exposed servers from organizations running SAP even without being a trained or skilled hacker.

Last Week, May 2, 2019, Reuters reported that over 50,000 companies are exposed to hacks…

Information security breaches aren’t cheap — the average breach costs $7.2 million. They’re massively inconvenient,…

(Improper Role Authorization Vulnerability (CVE-2018-2361) on SAP Solution Manager 7.2) For many businesses on the…

The challenge   Today, corporations suffer from a case of insufficient attention to new sources of…

SAP Security Patch for July 2017: The recently published patch release caters to certain vulnerabilities…

Last week, our team at DeltaGRiC Consulting concluded a full SAP cyber security audit for…

Slide 1 Slide 2

Get in Touch, We would love to Speak with You!

[contact-form-7 404 "Not Found"]