Alexander Polyakov

ERPScan official statement about US Treasury sanctions

Dear colleagues, as you probably know, yesterday US Treasury included ERPScan in the list of sanctioned companies. It would be superfluous to say this, but of course, we have nothing to do with Russian Federal Security Service as well as other government agencies worldwide. We have always tried to avoid any political issues and stay outside of political events. Now, we regret such an unjust move towards us. Nevertheless, we will pursue our goals related to cybersecurity and develop other markets in more than 35 countries where we operate. In fact, it is unfortunate that American companies will not have a competitive market in the ERP Security field, turning our main US competitor into a monopolist without any incentive to innovate.

Read more

SAP Security for CISO. Part 13: SAP Attacks and Incidents

You already know enough about SAP ERP Security and realize a real impact of having insecure SAP implementation.

Recently, Crowd Research Partners have released ERP Cybersecurity Survey 2017 conducted across almost 2000 respondents of different roles from various industries. According to this research, 89% of security professionals predict that the number of attacks on SAP systems will increase. Moreover, the average damage of an SAP Security breach is estimated at $5 million. It’s unthinkable, isn’t it?

Read more

SAP SoD (SAP Security for CISO. Part 14)

Let’s start with the oldest and most known SAP Security area – SAP Segregation of Duties, or the SAP SoD. I will try to embrace it in general, without in-depth details.

Plenty of articles that cover various aspects of SAP Security, especially concerning vulnerabilities and risks, paved the way for today’s discussion on how we can protect SAP (which is of particular importance now given the upcoming GDPR).

Read more

SAP Security for CISO. Part 12: SAP Mobile Infrastructure Security

SAP, like any other large vendor, is evolving towards greater mobility and providing access to its applications from different devices located anywhere in the world. Therefore, its product portfolio includes solutions that allow mobile users to interact with business applications such as those based on ABAP, Java or HANA platforms. In this article, you will learn the most relevant explanatory notes about SAP Mobile Platform and SAP Afaria, their vulnerabilities and security trends.

Read more