Business-critical ERP systems such as SAP and Oracle hold sensitive information and run the processes businesses use everyday. Are your ERP systems protected from insider and outsider threats? How do you know your system hasn’t been hacked already?

Join us at Black Hat USA in Las Vegas, Nevada. We will be at booth #1601 waiting to discuss your SAP or Oracle ERP systems and how we can help you secure them.


Hacking SAP HANA Through its Password Recovery System

Date: Wednesday, August 8th
Time: 1:50 - 2:40 PM
Speaker: Nahuel Sanchez, Security Researcher, Onapsis Research Labs

Almost all modern systems implement a password recovery mechanism. Most of these implementations are designed from scratch and do not align to an industry standard, leading to a recipe for disaster. As business-critical application security leaders, the Onapsis Research Labs has been analyzing how the most common vulnerabilities affecting these implementations can affect an ERP environment such as SAP.

During this presentation, the most common problems and errors affecting password recovery systems will be described and a live demonstration of a critical vulnerability affecting SAP HANA Self-Service will be shown.


Meet the Onapsis Executives

Schedule a consultation with our executive team at Black Hat USA for a private discussion about market trends, latest research topics and product updates. You will have the opportunity to ask questions about your ERP system security posture and learn best practices from our experts tailored to your organization’s business strategy.

Mariano Nunez

CEO and Co-founder

Ashish Larivee

Chief Product Officer

Juan Pablo Perez-Etchegoyen

CTO and Co-founder