ERPScan Security Monitoring Suite for Oracle PeopleSoft

Industry’s first vulnerability management solution for Oracle PeopleSoft

Product Overview

At the BlackHat security conference in Las Vegas, where the latest unique research is published every year, researchers from ERPScan presented the first and only report on vulnerabilities in Oracle PeopleSoft. ERPScan CTO Alexander Polyakov and Director of Consulting Dr. Alexey Tyurin presented a workshop featuring new techniques of security assessment for business systems including Oracle PeopleSoft, which is used in many big companies.

Oracle PeopleSoft software is a combination of supply chain, human resources, supplier relationship management, and much more. This software is installed by 6000+ customers (57 % of Fortune 100 list) and serves 20 million employees worldwide. Providing an attacker with an opportunity to steal the personal data of more than 20 million people is very easy because most PeopleSoft applications are connected to the Internet for providing access to suppliers. Simple Google search strings can find about 500 Internet-enabled PeopleSoft applications. Shodan requests will show much more.

Multiple vulnerabilities found in this system by different researchers, including unique research by the ERPScan team, can allow third parties to get full access to the system and obtain critical HR or supplier data, social security numbers, probably even credit card data. Not only is it possible to steal data, but also to cause denial of service or modify financial information such as bank account numbers.

Because of their extreme complexity and customization, Oracle’s PeopleSoft applications that store key business data are vulnerable to many attacks. Until now, there were no solutions on the market which could address vulnerabilities in Oracle PeopleSoft applications. Meet ERPScan add-on for PeopleSoft – the industry’s first vulnerability management solution for Oracle PeopleSoft applications and components.

How can we help with providing PeopleSoft Security?

We are introducing a new add-on to our flagship product ERPScan Security Monitoring Suite, an award-winning solution with 360° protection against cyber-attacks and internal fraud. It is easy to implement, able to perform gap analysis within one minute, powerful, customizable, and equipped with a plethora of advanced settings. ERPScan is specifically designed for enterprise systems to continuously monitor the state of security in multiple SAP and Oracle business applications. It makes identifying threats an easy process, helps management with smart dashboards, is capable of high-level trend analysis, risk management, and task delegation. It allows report generation in multiple formats and easily integrates with IT GRC and SIEM solutions.

Our customers enjoy central management of business applications security with minimal time and effort.

The current add-on supports security checks for Oracle PeopleSoft application stack including Oracle WebLogic and Oracle Database.


Business benefits:

  • Unique. The only solution on the market to address Oracle PeopleSoft security checks
  • Decrease OPEX. Extremely fast scans in less than 5 min save your time
  • Cloud and SaaS support. Implement ERPScan as a virtual appliance or run it as a service
  • Enterprise. Continuous monitoring of vast landscapes (quickly implemented, easy to use, scalable)
  • Detailed. Largest database of Oracle PeopleSoft issues including 0-days
  • Agentless. Does not require any agents or modification of Oracle PeopleSoft

Functional Benefits:

  • Risk management. Accept, modify, prioritize risks and export them into GRC solutions
  • Task management. Assign tasks or export them to GRC and ITSM solutions
  • User management. Create users, assign roles and access rights to assets
  • Project management. Schedule multiple projects against different systems using different templates
  • Notification management. Be notified when something is changed
  • Template management. Create your own scan templates which fit your policies or choose from predefined
  • Reports. Generate reports in multiple formats or export results to GRC or SIEM solutions
  • High-level statistics and trend analysis. 30+ CISO dashboards to analyze trends

PeopleSoft Vulnerability Management module

  • PeopleSoft vulnerability assessment
  • PeopleSoft configuration
  • PeopleSoft anonymous web services
  • PeopleSoft 0-day vulnerability checks and exploits
  • PeopleSoft access control
  • Oracle database security checks




Cybersecurity Excellence Awards
“Oracle provides recognition to people that have contributed to our Security-In-Depth program. Oracle recognizes Alexander Polyakov from ERPScan for contributions to Oracle’s Security-In-Depth program.” Oracle

Interested? Request demo now

Contact us today.

Select your country:

Subscribe me your to mailing list