A partner account manager can help. Contact us today.
At a recent BlackHat security conference in Las Vegas, where the latest unique research is published every year, researchers from ERPScan presented the first and only report on vulnerabilities in Oracle PeopleSoft. ERPScan CTO Alexander Polyakov and Director of Consulting Dr. Alexey Tyurin presented a workshop featuring new techniques of security assessment for business systems including Oracle PeopleSoft, which is used in many big companies.
Oracle PeopleSoft software is a combination of supply chain, human resources, supplier relationship management, and much more. This software is installed by 6000+ customers (57 % of Fortune 100 list) and serves 20 million employees worldwide. Providing an attacker with an opportunity to steal the personal data of more than 20 million people is very easy because most PeopleSoft applications are connected to the Internet for providing access to suppliers. Simple Google search strings can find about 500 internet-enabled PeopleSoft applications. Shodan requests will show much more.
Multiple vulnerabilities found in this system by different researchers, including unique research by the ERPScan team, can allow third parties to get full access to the system and obtain critical HR or supplier data, social security numbers, probably even credit card data. Not only is it possible to steal data, but also to cause denial of service or modify financial information such as bank account numbers.
Because of their extreme complexity and customization, Oracle's PeopleSoft applications that store key business data are vulnerable to many attacks. Until now, there were no solutions on the market which could address vulnerabilities in Oracle PeopleSoft applications. Meet ERPScan add-on for PeopleSoft – the industry's first vulnerability management solution for Oracle PeopleSoft applications and components.
We are introducing a new add-on to our flagship product ERPScan Security Monitoring Suite, an award-winning solution with 360° protection against cyber-attacks and internal fraud. It is easy to implement, able to perform gap analysis within one minute, powerful, customizable, and equipped with a plethora of advanced settings. ERPScan is specifically designed for enterprise systems to continuously monitor the state of security in multiple SAP and Oracle business applications. It makes identifying threats an easy process, helps management with smart dashboards, is capable of high-level trend analysis, risk management, and task delegation. It allows report generation in multiple formats and easily integrates with IT GRC and SIEM solutions.
Our customers enjoy central management of business applications security with minimal time and effort.
The current add-on supports security checks for Oracle PeopleSoft application stack including Oracle WebLogic and Oracle Database.
Contact us today.