Security researchers Pablo Artuso and Yvan Genuer set to lead briefing in Las Vegas, demonstrate latest findings on ERP cybersecurity from the Onapsis Research Labs
Onapsis, the market leader in business application security and compliance, today announced that members of the Onapsis Research Labs (ORL) will be leading a briefing at Black Hat USA 2023, documenting the team’s ongoing research into today’s most consequential SAP vulnerabilities, and detailing how customers can mitigate them to protect their business-critical applications.
Now in its 26th year, Black Hat USA is the world’s leading information security event, bringing together some of the sharpest minds in the industry. This year’s conference will take place at the Mandalay Bay Convention Center in Las Vegas, Nevada, and runs from Saturday, August 5 – Thursday, August 10.
During the event, attendees will have an opportunity to hear from Onapsis Lead Security Researcher Pablo Artuso and Sr. Security Researcher Yvan Genuer as they detail the findings of the Onapsis Research Labs’ investigation into the family of SAP enterprise software vulnerabilities known as “P4CHAINS,” which have been reported in coordinated disclosure and patched by SAP. Ahead of the upcoming session, Onapsis is today releasing its full report of findings here. More details on the briefing can be found on the Black Hat site and listed below.
Chained to Hit: Discovering New Vectors to Gain Remote and Root Access in SAP Enterprise Software
At the core of every business, there will always be a mission-critical application system. Despite the significance of these systems, organizations continually overlook their security, putting businesses at elevated risk of exploitation. This presentation will highlight the Onapsis Research Labs’ months-long research efforts into a series of chainable vulnerabilities discovered in SAP’s P4 protocol, the foundation of key SAP applications like Enterprise Resource Planning (ERP), Supply Chain Management (SCM), and Customer Relations Management (CRM).
- Date: Wednesday, August 9th | 10:20 a.m. – 11:00 a.m. PT
- Location: Islander HI, Level 0 | Mandalay Bay Convention Center, Las Vegas, NV
- Presenters: Onapsis Lead Security Researcher: Pablo Artuso & Sr. Security Researcher: Yvan Genuer
“Our team continues to work closely with SAP to identify and mitigate zero-day vulnerabilities, and P4CHAINS is another great outcome of this strategic partnership,” said Mariano Nunez, CEO and co-founder of Onapsis. “It’s always an honor to be able to highlight the contributions of the hard-working Onapsis Research Labs on one of the biggest stages in information security. This presentation will illustrate the true complexity of securing critical applications, how these known vulnerabilities can leave organizations exposed and what they need to do to protect themselves.”
Onapsis will be hosting threat briefings and business meetings alongside NightDragon at Mandalay Bay’s executive suites during the two-day main conference. During this time, Onapsis’ security experts will be available to chat through best practices for securing SAP and Oracle business applications.
“It’s phenomenal to see Black Hat further highlighting the critical importance of ERP application security research. It is one of the weakest links in major enterprises, especially as they move these applications to the cloud,” says Dave DeWalt, Former CEO, FireEye, McAfee, Documentum and Founder & CEO of NightDragon. “Onapsis has the foremost experts in ERP application threat hunting, and it will be eye-opening for many organizations to see how vulnerability chaining can have far-reaching consequences, also affecting the crown jewels and most regulated applications for the Global Fortune 2000.”
Visit AITechPark for cutting-edge Tech Trends around AI, ML, Cybersecurity, along with AITech News, and timely updates from industry professionals!
