Alexander Polyakov — Head
Research areas: SAP/ERP Security, architecture and business logic vulnerabilities.
Alexander Polyakov, CTO at ERPSCAN, head of DSecRG and architect of ERPScan Security scanner for SAP. His expertise covers security of enterprise business-critical software like ERP, CRM, SRM, RDBMS, banking and processing software. He is the OWASP-EAS manager of OWASP-EAS (OWASP subproject), a well-known security expert of the enterprise applications of such vendors as SAP and Oracle, who published a significant number of the vulnerabilities found in the applications of these vendors. He is the writer of multiple whitepapers devoted to information security research, and the author of the book "Oracle Security from the Eye of the Auditor: Attack and Defense" (in Russian). He is also expert council member of PCIDSS.RU, QSA and PA-QSA auditor and one of the contributors to Oracle with Metasploit project. Alexander has spoken at numerous international conferences including BlackHat, HITB (EU/ASIA), Source, DeepSec, CONFidence, Troopers.
Alexey Sintsov — Lead Researcher
Research areas: bug hunting, exploit development, new techniques, banking software, client security.
Alexey Sintsov is a well-known researcher, the author of the new attack techniques. He performs security assessments, penetration testing and security research for DSecRG, and works on the new methods of SAP exploitation. He also writes articles for the XAKEP magazine and leads the "Exploit Review" column and contributes to “GREYHAT Hacking 3” book. Alexey has been posting vulnerabilities at the Bugtraq mailing list since 2001 and has found several 0-days vulnerabilities in the Russian Internet-banking systems (private works). He has spoken at the following conferences: HITB, CONFidence, and multiple Russian conferences. His public works.
Dmitriy Evdokimov — Researcher
Research areas: SAP (ABAP) security, reverse engineering, and source code analysis.
The student of St. Petersburg State Polytechnic University, computer science department, he focuses on SAP security, particularly on Kernel, BASIS and ABAP security. He has official acknowledgements from SAP and Oracle for the vulnerabilities found. His interests cover reverse engineering, software verification/program analysis (SMT, DBI, IL), vulnerability research and development of exploits, software for static and dynamic code analysis written in Python. He is also a contributor to the OWASP-EAS project.
Dmitriy Chastuhin — Researcher
Research areas: SAP security, Web /WEB 2.0, Social network security.
The student of St. Petersburg State Polytechnic University, computer science department, he works on SAP security, particularly on Web applications and JAVA systems. He has official acknowledgements from SAP for the vulnerabilities found. Dmitriy is also a WEB 2.0 and social network security geek who found several critical bugs in Vkontakte (vk.com), the Russian largest social network. He is also a contributor to the OWASP-EAS project.
Dr Alexey Turin — Researcher
Research areas: bug hunting, new techniques, SAP security.
Alexey Tyurin is security researcher of DSecRG. He holds a PHD in computer security. He works on SAP security, particularly on RFC and Web-services security. He has pen-testing experience of wide types of enterprise system (Citrix, VMware, etc). He is a main programmer of ERPScan Black tool (the penetration tool for SAP) and some other security tools . He leads the "Easy Hack" column and writes articles of security and reverse engineering for the XAKEP magazine.
