BlackHat 2012: Alexander Polyakov on New SAP Vulnerabilities

Wednesday, August 01, 2012

Alexander Polyakov describes a recently discovered and widespread architectural vulnerability which especially targets SAP applications and allows for the bypassing of SAP security restrictions, such as firewalls, even in secure landscapes.

 

Alexander is the CTO at ERPScan, the head of DSecRG and the architect of the ERPScan Security scanner for SAP. His expertise covers security of enterprise business-critical software like ERP, CRM, SRM, RDBMS, banking and processing software.

Alexander is the OWASP-EAS manager, and a well-known security expert on enterprise applications such as SAP and Oracle, and who published a significant number of the vulnerabilities found in the applications of these vendors.

He is the author of multiple whitepapers devoted to information security research, and the author of the book “Oracle Security from the Eye of the Auditor: Attack and Defense”.

He is also a QSA and PA-QSA auditor, and one of the contributors to the Oracle with Metasploit project. Alexander speaks at international conferences like BlackHat, HITB (EU/ASIA), Source, DeepSec, CONFidence, and Troopers.

Possibly Related Articles:
9879
Network->General
Information Security
Firewalls Vulnerabilities Infosec Island Exploits Network Security SAP Infosec Black Hat Conference Alexander Polyakov
Post Rating I Like this!