Static Data Leak Prevention In SAP - The Next Generation Of DLP

Presented at DeepSec 2013 „Secrets, Failures, and Visions“, Unknown date/time (Unknown duration)

Industrial espionage is an increasingly serious problem for many companies. Even minor data leakage can endanger a company's competitiveness, if data falls into the wrong hands. This talk introduces a fundamentally new concept: Static Data Leak Prevention. While most DLP solutions analyze network traffic during runtime, S-DLP is designed to identify data leaks already during application development. The code examples and data leaks presented are native to SAP environments.

Presenters:

  • Andreas Wiegenstein - Virtual Forge GmbH
    Andreas Wiegenstein has been working as a professional SAP security consultant since 2003. He performed countless SAP code audits and has been researching security defects specific to SAP / ABAP applications. As CTO, he leads the CodeProfiler Research Labs at Virtual Forge, a team focusing on SAP/ABAP specific vulnerabilities and countermeasures. Andreas has trained large companies and defense organizations on ABAP security. He is co-author of the first book on ABAP security (SAP Press 2009). He is also member of BIZEC.org, the Business Security Community.

Links:

Similar Presentations: