SBN Webinar: Onapsis - RECON and other SAP vulnerabilities

25/09 | Start: 13:00

Onapsis - RECON and other SAP vulnerabilities

September 25, 13:00-14:00

SAP’s July Security Notes included a fix for a critical vulnerability which has been named RECON. Successfully exploiting RECON could give an unauthenticated attacker full access to the affected SAP system, including the ability to modify financial records, view personal identifiable information (PII), corrupt data, delete or modify logs and traces, and other actions that put essential business operations and regulatory compliance at risk. Note that on the Common Vulnerability Scoring System (CVSS) RECON has been classified as 10, the maximum vulnerability score.

The Onapsis Research Labs first identified this vulnerability in May 2020 and has worked closely with the SAP Security Response Team on a mitigation strategy.  By attending this webinar, you will learn:

 

  • Details of the RECON vulnerability
  • The business impact
  • Why patching SAP is so important
  • Recommendations for keeping SAP protected
  • How to protect your SAP system from future threats


Presented by:

Frederik WeidemannFrederik Weidemann
Onapsis Inc.

Frederik is a cybersecurity expert and Chief Technical Evangelist at Onapsis. He presented over 50 times at SAP and security related conferences like RSA, Troopers, SAPPHIRE, TechEd, SAP Insider, ASUG, DSAG, and OWASP. He has focused on SAP Security for the last fourteen years and is the co-author of the first book on Secure ABAP Programming. Frederik also frequently writes articles on SAP security and has found numerous zero-day defects in business-critical applications. 


The event was evaluated Fantastic = 6,5 on a scale 1-7.

Recording: [slides]

 


Contact Martin if you have questions or comments.

Martin BrownswordMartin Brownsword
Head of Innovation Team IT, HANA, Projects
SBN - SAP Brukerforening i Norge
mb@adfahrer.com
+47 917 11 593


Tags: it, hana, projects, onapsis

Number of participants: 31

  • Sakthivel Sivaguru  
    Bouvet
  • Øyvind Nordang  
    Bouvet
  • Febrianti Wibawa  
    Capgemini
  • Joachim Kaland  
    Orkla
  • Tor Einar Jørgensen  
    Helse Midt-Norge
  • Thomas Bladh  
    1DigitalTrust
  • Donnie Lund  
    1DigitalTrust
  • Piotr Cieslewicz  
    EFF
  • Andreas Moos  
    PwC
  • Paul Hemelsoet  
    Statkraft AS
  • Trygve Leivestad  
    Orkla IT AS
  • Simon Rudkin  
    Aibel AS
  • Satkardeep Singh  
    HCL
  • Hildegunn Haugestøl  
    Elkjøp
  • Amund Skaar-Hval  
    Capgemini
  • Sonja Hennie Hansen  
    Helse Midt-Norge
  • Knut Selliseth  
    Helse Midt Norge
  • Eigil Bjelde Jensen  
    Norske Skog AS
  • Yngve Karlsen  
    Aker BP
  • Lenny Hidalgo  
    KPMG
  • Sarmad Reda  
    1DigtialTrust
  • Troels Lindgaard  
    1DigitalTrust
  • Eva-Maria Fahrer  
    SBN-Adfahrer
  • Jan Peter Koch  
    Statkraft AS
  • Therese Malcho  
    Nets Denmark A/S
  • Jurijs Tolokoncevs  
    Zalaris ASA
  • Lars Grorud  
    elkjop
  • Diwakar Thanikachalam  
    Zalaris ASA
  • Martin Brownsword  
    SBN-Adfahrer
  • Jens Petter Karlsen  
    Accenture AS
  • Peter Jaeger  
    itelligence Nordic