How attackers bring home the bacon A method to find, analyse, and document threats to your business assets Measure the security of your applications
- Normal users were falsely logged on as different users
SAP architectures very complex --> People cannot grasp architecture, different opinions about how architecture works among developers --> Many forgotten legacy systems --> A lot of glue code to make legacy systems work with newer components --> A lot of customisations with zero documentation, authors have long moved on no in-depth-knowledge, system just works --> no need to know system as long as it runs
How attackers bring home the bacon A method to find, analyse, and document threats to your business assets Measure the security of your applications
Result?
How attackers bring home the bacon A method to find, analyse, and document threats to your business assets Measure the security of your applications
How attackers bring home the bacon A method to find, analyse, and document threats to your business assets Measure the security of your applications
Easy to fix: mitigation by changing web server configuration
Easy to fix: mitigation by changing web server configuration
How attackers bring home the bacon A method to find, analyse, and document threats to your business assets Measure the security of your applications