A partner account manager can help. Contact us today.

Subscribe me to your mailing list


SAP Security
and Guides
by ERPScan

ERPScan Research Team - Leadership in ERP Security

ERPScan experts have been invited to speak, present and train at 70+ prime international security conferences in 25+ countries across the continents. These include BlackHat, RSA, HITB as well as private trainings for SAP in several Fortune 2000 companies.

Our team have highly qualified experts in staff with experience in many different fields of security, from web applications and mobile/embedded to reverse engineering and ICS/SCADA systems, accumulating their experience to conduct research in SAP system security.

SAP Security Documents, Presentations and Guides:

Here you can find SAP Security documents and .pdf presentations:

Date Title
11-12-2015 SAP Cybersecurity for Oil and Gas (BlackHat, Amsterdam)
10-16-2015 SAP Afaria Security one SMS to hack a company (HackerHalted, Atlanta)
06-19-2015 The Latest Changes to SAP Cybersecurity Landscape (BlackHat Sessions XIII)
06-19-2015 Oracle PeopleSoft Applications are Under Attack. Updated. (Hack in Paris)
05-28-2015 Oracle PeopleSoft Applications are Under Attack (HITB AMS)
03-18-2015 Attacking SAP Mobile (Troopers)
12-01-2014 Business Breakdown Vulnerabilities in ERP via ICS and ICS via ERP (ISC)
11-21-2014 5 Real ways to destroy business by breaking SAP Applications (CISO Platform)
11-21-2014 Implementing SAP security in 5 steps (CISO Platform)
11-20-2014 SAP Security Made Easy (KuppingerCole)
10-21-2014 SAP Security Landscape. How to protect(hack) your(their) big business (SecTor)
10-14-2014 13 Real ways to destroy business by breaking company's SAP Applications (ISSE)
07-22-2014 EAS-SEC Project (RSA APAC)
06-20-2014 If I Want a Perfect Cyberweapon I'll Target ERP - Second edition (InfoTech)
05-27-2014 All your SAP Passwords belong to us (Confidence)
04-21-2014 Assess and Monitor SAP Security (Norway)
04-13-2014 Practical SAP Pentesting (B-Sides San Paulo)
03-19-2014 Injecting evil code in your SAP J2EE systems. Security of SAP Software Deployment Server (Troopers'14)
02-14-2014 Practical SAP Pentesting workshop (NullCon Goa)
11-18-2013 EAS-SEC framework for securing Business Applications (CisoPlatform)
10-30-2013 If I want a perfect cyberweapon i'll target ERP (RSA Europe)
10-11-2013 SAP SDM Hacking (Hacktivity)
08-26-2013 Securing SAP in 5 steps (ISACA SouthAfrica)
08-26-2013 What CISO's should know about SAP Security (ISACA SouthAfrica)
07-31-2013 With BIGDATA comes BIG Responsibility: Practical exploiting of MDX injections (BlackHat USA)
07-31-2013 Practical pentesting of ERPs and business applications (BlackHat USA)
06-04-2013 SAP Security in Figures (RSA APAC)
05-29-2013 SAP Portal: Hacking and forensics (CONFidence)
05-08-2013 Breaking, forensicating and anti-forensicating SAP Portal and J2EE Engine (ITWEB)
11-27-2012 Breaking SAP Portal (DeepSec)
11-02-2012 Breaking SAP Portal (HashDays)
11-01-2012 SSRF vs. Business-critical applications. Part 2. New vectors and connect-back attacks (POC)
10-31-2012 Architecture vulnerabilities in SAP platforms: history and future trends (SAP Security Summit)
10-31-2012 Breaking SAP Portal (HackerHalted)
10-16-2012 Assessing and Securing SAP (IT-SA)
10-13-2012 Top 10 most interesting vulnerabilities and attacks in SAP (HackTivity)
07-21-2012 SSRF vs. Business-critical applications. XXE tunnelling in SAP (BlackHat USA)
07-06-2012 Top 10 most interesting vulnerabilities and attacks in SAP (Just4Meeting)
05-30-2012 SAP (in)Security: New and best (PHDays)
05-09-2012 Top 10 most interesting vulnerabilities and attacks in SAP (Kuwait InfoSecurity)
08-02-2011 A crushing blow at the heart of SAP's J2EE Engine (BlackHat USA)
01-18-2011 Forgotten World - Corporate Business Application (Systems BlackHat DC)
09-21-2010 ERP Security Myths, Problems, Solutions (SOURCE Barcelona)
07-01-2010 Attacking SAP users with sapsploit (HITB Amsterdam)