44CON 2019 has ended
Back To Schedule
Friday, September 13 • 11:00 - 11:59
Jordan Santarsieri - Spyware, Ransomware and Worms. How to prevent the next SAP tragedy

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Is not a secret that SAP is a market leader and one of the principal software providers of the core business applications around the world, nearly 95% of the Fortune-500 companies heavy rely on SAP to perform their most critical and daily operations such as processing payroll, benefits, storing sensitive customers’ information, handling credit cards, logistics and many more.

Due to the “ERP Complexity of the simple things” and in combination with several proprietary protocols, entry-points and default misconfigurations, ERPs are particularly vulnerable to Spyware, Ransomware and Worms, making them the ideal targets for this type of attacks due to the economic significance that these systems hold.

Join me on this completely new and highly technical talk, in which I’m going to explain through several live demos how the different types of malware could impact SAP and what actions you could take to prevent the next SAP tragedy.

As an added value, we will reveal for the first time, our very own project “ARSAP”, a semi-automatic mechanism that detects and register all the SAP systems that are exposed to the Internet, extracting the system’s metadata and cataloging the assets in base of their Geo-location, system type, version, installed components, etc.


Jordan Santarsieri

Mr Santarsieri is a founder partner at Vicxer where he utilizes his 12+ years of experience in the security industry, to bring top notch research into the ERP (SAP / Oracle) world. He is engaged in a daily effort to identify, analyze, exploit and mitigate vulnerabilities affecting... Read More →

Friday September 13, 2019 11:00 - 11:59 BST
* Track 1 *