Hacking & Protecting Oracle E-Business Suite
Date: Wednesday, April 24, 2019
Time: 12:00 PM ET
ERP applications are an attractive target for attackers due to the business sensitive information they store such as customers, suppliers, credit cards and personal information, among others. This presentation includes research of more than 180 vulnerabilities found in a year for Oracle E-Business Suite including different types and risks such as Denial of Service, Password Disclosure, User Creation, Cross Site Scripting, and the mitigation options to protect these systems.
Attend this session to learn:
- The basics related to key vulnerabilities and how they work
- Show real-life scenarios of how an attacker can take advantage of the vulnerabilities
- How to prevent attacks in Oracle E-Business Suite
- Advantages and disadvantages of the Security Configuration Console
- The importance of patch management
Senior Security Researcher, Onapsis
Michael Miller is a senior security researcher and architect at Onapsis with over twenty years of working with Oracle technologies and applications. He holds several security certifications from (ISC)2 and is a frequent speaker at industry conferences. He has experience securing, managing and delivering cloud-based enterprise services, considerable technical experience and deep knowledge of IT security, enterprise applications and a passion for excellence and the simplification of business processes.
His certifications include Cloud Security Alliance Certificate of Cloud Security Knowledge (CCSK), Certified Information Systems Security Professional (CISSP), Information Systems Security Management Professional (ISSMP), Certified Cloud Security Professional (CCSP), Oracle Corporation Security Customer Advisory Board (2005-2007), ITIL v3 Foundations certified.
He is regularly invited to speak and host trainings at global industry conferences including Blackhat, HackInTheBox, Troopers, and SAP TechEd/DCODE.
Founder and CEO, ERP Risk Advisors
Jeffrey Hare, CPA CIA CISA is the founder and CEO of ERP Risk Advisors. His extensive background includes public accounting (including Big 4 experience), industry, and Oracle Applications consulting experience.
Jeffrey has been working in the Oracle Applications space since 1998 with implementation, upgrade, and support experience. Jeffrey is a Certified Public Accountant (CPA), a Certified Information Systems Auditor (CISA), and a Certified Internal Auditor (CIA). Jeffrey has worked in various countries including Austria, Australia, Brazil, Canada, Germany, Ireland, Mexico, Panama, Saudi Arabia, United Kingdom, and United Arab Emirates. He is a graduate of Arizona State University and lives in northern Colorado with his wife and three daughters.