September-21-23-2010 Talk on Source Barcelona “ERP Security Myths, Problems, Solutions” by Alexander Polyakov

Barcelona, Spain – September 21-23, 2010 ERPScan took part in the Source Barcelona 2010 conference held on September 21-23 in Barcelona, Spain. The conference brought together technical experts and managers of the large companies dealing with information security, thus providing various approaches towards security accomplishment.

Many security experts attended the conference, among them were experts from Microsoft, Symantec, Verizon, Ernst&Young, PWC, Trustwave, IOActive, Rapid7 and ERPScan.

The presentation topics covered a wide scope of problems. From technical point — security issues of various technologies such as ATM, ERP, SCADA, SMARTGRID, SS7 (SIGTRAIN), and business point — the issues of cybercrime, social engineering, SLDC, SEIM, password policy, misunderstanding between security experts and the business, and many others.

Alexander Polyakov as representative of ERPScan gave a talk on business applications and ERP-system security, reviewed the latest trends, new vulnerabilities, and methodologies to assess ERP-system security developed within the OWASP-EAS project.

Furthermore, ERPScan announced the ERPSCAN Online project (, which final version will be released in a short time allowing SAP Frontend users online assessment of their work stations and awareness within information security area.

On the whole, the conference left a good impression. We are going to cooperate with the organizers and share experience with our colleagues of world-leading IT companies to keep up with global trends and thus increasing the quality of the services we provide.

Alexander Polyakov, CTO of ERPScan, Head of the ERPScan research team.