“You’'ve got mail - Owning your business with one email”.

Presented at TROOPERS17 (2017), March 22, 2017, 4 p.m. (Unknown duration)

Introduction to mail processing in SAP, business scenarios where this is being used and details on technical processing. Some vulnerabilities in SAP email inbound processing, for example: Snagging credentials by sending emails with malicious attachment to SAP systems running on Windows. Also some DoS examples and Email sender address spoofing.


Presenters:

  • Joris van de Vis
    Joris has got extensive experience as a SAP Technical consultant and has a wide interest in everything ?under the hood? of SAP systems. In addition to developing and working as a SAP Technical consultant, his main interest lies in the SAP Security domain. Next to helping business to secure their SAP systems, Joris is also a SAP researcher and reported over 40 vulnerabilities in SAP applications. He has got 15 years of experience in working for large fortune-500 companies and helped government departments with implementing and securing SAP landscapes. Joris is co-founder of ERP-SEC, a SAP security focused company based in the Netherlands. Joris presented at local SAP usergroup events, at many customers’ sites and also on security Conferences like Troopers#16, Hack.LU, cybersecurityalliance and at SAP headquarters.

Links:

Similar Presentations: