Reykjavik, Iceland – October 9, 2013 Dmitry Chastuchin, Director of SAP Pentesting at ERPScan, delivered a presentation titled “The state of SAP security 2013: Vulnerabilities, Threats, and Trends” at the HackerHalted conference.

ERP Systems based on SAP are the heart of any large company, so it is necessary to increase awareness in this area, especially after the Anonymous attack on Greece Government where a probably 0-day SAP vulnerability was exploited (however this information was neither proven nor refuted). ERP systems enable all the critical business processes, from procurement, payment to human resources and financial planning. All the data stored in ERP systems is of great importance and any illegal access can mean enormous losses probably even termination of business processes.

Full report