Close

HAVE QUESTIONS?

A partner account manager can help. Contact us today.

 Subscribe me to your mailing list

Presentations

  • “Injecting Evil Code in your SAP J2EE systems – Security of SAP Software Deployment Server” from Troopers’14

    troopers14_banner_for_slider

    Why break critical systems themselves when we can attack Deployment Server: the core from which all J2EE code spreads into other systems? The core is called SAP Software Deployment Server and consists of many subsystems like SDM, DTR, CMS. SAP has it's  own SVN-like subsystem and Build service. Who cares about the security of Deployment Server? That's why it is full of issues and it is possible to deploy your own code anonymously without having any access to NWDS using architecture flaws. In the end, your evil code will spread to any system you want, giving you the ability to control every business system. No need to say that all tricks described here were executed by Dmitry Chastuhin and his department in series of pentests

    Injecting Evil Code in your SAP J2EE systems – Security of SAP Software Deployment Server

    Posted on March 21, 2014 | Filed under Presentations
  • “Practical SAP Pentesting” from Nullcon Goa 2014

    nullcon-goa-2014-international-security-conferenc-93

    This workshop was focused on basics and advanced areas of technical aspects of SAP security. Understanding the architecture of typical SAP system and focuses on every component that can be attacked with live demo and hands-on exercises Covering areas such as SAP Gateway, Message server, RFC security, ITS, ABAP code vulnerabilities, JAVA-engine attacks, Authorizations, Database security, SAPGUI security and many others will be described.

    Full text of the presentation could be found here

    Posted on February 16, 2014 | Filed under Presentations
  • “EAS-SEC: Framework for Securing Enterprise Business Applications” from CISO platform 2013

    logoCopy

    EAS-SEC: Framework for Securing Enterprise Business Applications as it was Presented by Alexander Polyakov, CTO, ERP Scan at CISO Platform Annual Summit, 2013.

    EAS-SEC: Framework for Securing Enterprise Business Applications
    Posted on November 18, 2013 | Filed under Presentations
  • “If I want a perfect cyberweapon i’ll target ERP” from RSA conference Europe 2013

    RSA banner
    Alexander Polyakov, CTO, ERPScan:
    I'm shocked, really, that this perfect weapon has not been made yet (or we just don't know about it?). Everybody's talking about attacks on critical infrastructure between countries, but big commercial companies have even more power: they can make their own corporate wars by industrial espionage. What can they target? Business applications like ERP/CRM systems storing all corporate data. Learn how.

    Text of the presentation could be found here

    Posted on November 1, 2013 | Filed under Presentations
  • “Practical pentesting ERP systems and business applications” from BlackHat 2013

    bh2
    Today, the whole business of a company depends on enterprise business applications. They are big systems that store and process all the critical data of companies. Any information an attacker might want, be it a cybercriminal, industrial spy or competitor, is stored here. This information can include financial, customer or public relations, intellectual property, personally identifiable information, and more. Industrial espionage, sabotage and fraud or insider embezzlement may be very effective if targeted at the victim's business application and cause significant damage to the business. There are many types of those applications: ERPs, CRMs, SRMs, ESBs. Unfortunately, there is still very little information about the security of those systems, especially how to pentest them.

    Practical pentesting ERP systems and business applications (EAS-SEC)
    Posted on August 28, 2013 | Filed under Presentations
  • “SAP Portal: Breaking and Forensics” from Confidence 2013

    confidence_2013


    One of the most critical SAP applications in terms of cyber attacks is SAP Portal, which is based on J2EE engine because it is usually available from the Internet and provides access and connections to other internal SAP and legacy systems. It is necessary to increase awareness in this area, especially after the Anonymous attack on Greece Government where an SAP 0-day vulnerability probably was used, but are you sure that your system has not been compromised? If we talk about SCADA attacks, they are mostly focused on sabotage, which is easy to recognize; attacks on financial systems like banking are focused on money stealing; but if we talk about SAP, the most critical attack is probably espionage, and it is hard to understand if there was espionage because there is no direct evidence of compromise except logs. In this talk, the security architecture of Portal itself and custom applications like iViews will be reviewed, and we will demonstrate how SAP Portal can be attacked. But the main area of the talk will be focused on forensics and finding attack patterns in logs traces and other places to understand if it is possible to completely reverse complex attack patterns. Finally, we will look at how an attacker can try to hide their attacks and how it is possible to deal with it.



    There have been a lot of talks covering attacks, but now we will move to the understanding of how to deal with them in the cyber-crime era.

    SAP Portal Hacking and Forensics at Confidence 2013
    Posted on June 1, 2013 | Filed under Presentations
  • “Breaking SAP Portal” From DeepSec 2012

    deepsec1
    Today, SAP NetWeaver is the most widespread platform for developing enterprise business applications.  One of the most critical applications is SAP Portal. The point is that SAP Portal, unlike many other systems, is usually available from the Internet because it provides SSO access to other business critical systems from SAP and other vendors.  If a malicious hacker can get unauthorized access to SAP Portal, he can get control over all the other systems located inside the company even if they are secured by firewalls. We have done numerous security assessments of SAP Portal and found that even critical infrastructure systems like SCADA sometimes connected to Portal.  Also developers can make custom applications for Portal called IViews and those have their problems. In this talk, the security architecture of Portal itself and custom applications will be reviewed and a number of new issues will be presented that can give full control over SAP Portal. Breaking SAP Portal - DeepSec 2012
    Posted on December 4, 2012 | Filed under Presentations
  • “SSRF 2.0: New vectors and connect-back attacks” from POC Korea

    poc1
    Research in SSRF attacks is becoming more and more popular. Here, you can find our latest interesting attacks and vectors for future research, for example, SSRF connect-back exploitation.

    SSRF 2.0: new vectors and connect-back attacks
    Posted on November 9, 2012 | Filed under Presentations
  • “Breaking SAP Portal” From HashDays 2012

    hashdays1
    Today, SAP NetWeaver is the most widespread platform for developing enterprise business applications.  One of the most critical applications is SAP Portal. The point is that SAP Portal, unlike many other systems, is usually available from the Internet because it provides SSO access to other business critical systems from SAP and other vendors.  If a malicious hacker can get unauthorized access to SAP Portal, he can get control over all the other systems located inside the company even if they are secured by firewalls. We have done numerous security assessments of SAP Portal and found that even critical infrastructure systems like SCADA sometimes connected to Portal.  Also developers can make custom applications for Portal called IViews and those have their problems. In this talk, the security architecture of Portal itself and custom applications will be reviewed and a number of new issues will be presented that can give full control over SAP Portal.

    Breaking SAP Portal - HashDays 2012
    Posted on November 5, 2012 | Filed under Presentations
  • “Breaking SAP Portal” From HackerHalted 2012

    hackerhalted
    Today, SAP NetWeaver is the most widespread platform for developing enterprise business applications.  One of the most critical applications is SAP Portal. The point is that SAP Portal, unlike many other systems, is usually available from the Internet because it provides SSO access to other business critical systems from SAP and other vendors.  If a malicious hacker can get unauthorized access to SAP Portal, he can get control over all the other systems located inside the company even if they are secured by firewalls. We have done numerous security assessments of SAP Portal and found that even critical infrastructure systems like SCADA sometimes connected to Portal.  Also developers can make custom applications for Portal called IViews and those have their problems. In this talk, the security architecture of Portal itself and custom applications will be reviewed and a number of new issues will be presented that can give full control over SAP Portal.

    Download slides
    Posted on November 1, 2012 | Filed under Presentations