SAP (In)security: Latest Attacks and Defenses

March 21, 2012 (at 5 p.m.) in Attacks & Research

This presentation details some of the latest attack vectors against SAP systems, explaining some of the techniques malicious parties may use to compromise the systems remotely and then escalate privileges to access sensitive business information.

Join us to see live demonstrations of these attacks, learn about the statistics of dozens of real-world SAP Penetration Tests and identify which are the latest advances in preventing your SAP systems from falling in the wrong hands.

Mariano Nuñez Di Croce

Mariano Nunez Di Croce is the CEO at Onapsis. Mariano is a renowned researcher in the ERP & SAP Security field, being the first to present on real-world security attacks to SAP platforms. Since then, he has been invited to lecture in some of the most important security conferences in the world, such as BlackHat DC/USA/EU, RSA, SAP, HITB Dubai/EU, Troopers, Ekoparty, HackerHalted, DeepSec, Sec-T, Hack.lu and Seacure.it, as well as in Fortune-100 companies and military organizations.

Mariano has discovered 50+ vulnerabilities in SAP, Microsoft, Oracle and IBM applications. He leads the strategic development of Onapsis X1, has been the developer of the first open-source SAP & ERP Penetration Testing Frameworks and leads the “SAP Security In-Depth” publication. Mariano is also a founding member of BIZEC.org, the Business Security Community. Because of his research work, he has been interviewed and featured in mainstream media such as CNN, Reuters, IDG, New York Times, eWeek, PCWorld, Darkreading and others.

Twitter: @marianonunezdc