Static Data Leak Prevention In SAP - The Next Generation Of DLP

Presented at DeepSec 2013 „Secrets, Failures, and Visions“, Unknown date/time (Unknown duration).

Industrial espionage is an increasingly serious problem for many companies. Even minor data leakage can endanger a company's competitiveness, if data falls into the wrong hands. This talk introduces a fundamentally new concept: Static Data Leak Prevention. While most DLP solutions analyze network traffic during runtime, S-DLP is designed to identify data leaks already during application development. The code examples and data leaks presented are native to SAP environments.

Presenters:

• Andreas Wiegenstein - Virtual Forge GmbH
  Andreas Wiegenstein has been working as a professional SAP security consultant since 2003. He performed countless SAP code audits and has been researching security defects specific to SAP / ABAP applications. As CTO, he leads the CodeProfiler Research Labs at Virtual Forge, a team focusing on SAP/ABAP specific vulnerabilities and countermeasures. Andreas has trained large companies and defense organizations on ABAP security. He is co-author of the first book on ABAP security (SAP Press 2009). He is also member of BIZEC.org, the Business Security Community.

Links:

• https://deepsec.net/archive/2013.deepsec.net/speaker.html#PSLOT117

Similar Presentations:

• Black Hat USA 2014 / Stay Out of the Kitchen: A DLP Security Bake-Off
• Summercon 2015 / Back to the Kitchen: DLP Security Bakeoff, THE SEQUEL
• Black Hat Asia 2016 / The Kitchen's Finally Burned Down: DLP Security Bakeoff