Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Friday, October 26 • 11:00am - 11:45am
Unbreakable Oracle ERPs? Attacks on Siebel & JD Edwards

Sign up or log in to save this to your schedule and see who's attending!

Siebel and JDE platforms are a core part of our global business-critical infrastructure. Our credit card numbers, bills, personal information and consuming habits; top-tier companies' business processes and their most confidential information. It's all in there.

Despite their criticality, there is still today very scarce public information on how attackers may try to break into these systems and what we can do to stop them, placing the bad guys in a very powerful position. The Auditing and InfoSec industries have been traditionally focused only on enforcing segregation of duties controls, and that's not enough anymore.

Join us in this new presentation to understand, through several live demos, how intruders can remotely execute code, steal user passwords and manipulate proprietary technologies to perform espionage, sabotage and fraud attacks, without having a valid user in the systems. Furthermore, you will see how these attacks may be performed over the Internet.

Learn how to mitigate these risks, starting by learning how to assess them in your company using the new version of Bizploit, the opensource ERP Penetration Testing framework, to be released after the talk.


Speakers
avatar for Juan Perez-Etchegoyen

Juan Perez-Etchegoyen

CTO, Onapsis, Inc.
Juan Pablo is the CTO of Onapsis, leading the Research and Development teams that keep the Company in the cutting-edge of the ERP security field. Juan Pablo is fully involved in the design, research and development of the innovative Onapsis' software solutions. | Being responsible for managing the Onapsis Research Labs, Juan Pablo has also been actively involved in the coordination and research of critical security vulnerabilities in ERP... Read More →
avatar for Jordan Santarsieri

Jordan Santarsieri

Senior Security Researcher, Onapsis
Jordan Santarsieri is a senior Onapsis security consultant and researcher. Being also a member of the Onapsis Research Labs, he is engaged in a daily effort to identify, analyze, exploit and mitigate vulnerabilities affecting ERP systems and business-critical applications. | | Jordan has discovered critical vulnerabilities in SAP software and is a frequent author of the "SAP Security In-Depth" publication. Through his work, he has... Read More →


Friday October 26, 2012 11:00am - 11:45am
Gluu Room - Foothills II (17th Floor) Hyatt Regency Austin, 208 Barton Springs Road, Austin, TX, 78704

Attendees (8)