SAP from an Attacker’s Perspective – Common Vulnerabilities and Pitfalls
DESCRIPTION
This talk will give an overview of vulnerabilities we discovered during SAP pentests and what approach we take to assess an SAP system’s security. We will discuss different attack vectors and what you can do to make an attacker's life harder.
As a pentester, my experience and expertise in discovering SAP vulnerabilities can provide unique insights for the audience. This presentation will focus on not only identifying common vulnerabilities in SAP systems but also on practical ways to mitigate them.
One significant aspect of this talk will be sharing real-world examples of SAP vulnerabilities that were discovered during pentesting engagements. This will help the audience to understand the practical implications of these vulnerabilities and how they can be exploited by attackers.
Moreover, the presentation will cover various techniques used by attackers to exploit SAP vulnerabilities and the potential impact of such attacks. This will help the audience to understand the importance of securing their SAP systems and how they can protect themselves against exploitation.
Overall, the takeaway for the audience will be a better understanding of common SAP vulnerabilities, the potential impact of these vulnerabilities, and practical ways to mitigate them. By the end of this presentation, the audience will be equipped with the knowledge and tools needed to secure their SAP systems and prevent attacks.
WHY THE COMMITTEE CHOSE THIS TALK
SAP Security is a prominent topic, as the data in SAP is the heart of most companies. In many ransomware cases the integrity and availability of the SAP systems is a breaking point for the companies. Nicolas will show us, how to secure these vital system before cybercrime gangs attacks it.
