At Onapsis, we’re not only solution leaders—we’re also thought leaders. Here you’ll find a growing library of materials to help you build your cyber resilience strategy. The more light we can shed on business-critical application security and compliance, the better you can drive your business forward, confidently.

Hacking & Protecting Oracle E-Business Suite

Date: Wednesday, April 24, 2019
Time: 12PM ET

ERP applications are an attractive target for attackers due to the business sensitive information they store such as customers, suppliers, credit cards and personal information, among others. This presentation includes research of more than 180 vulnerabilities found in a year for Oracle E-Business Suite including different types and risks such as Denial of Service, Password Disclosure, User Creation, Cross Site Scripting, and the mitigation options to protect these systems.

Attend this session to learn:
  • The basics related to key vulnerabilities and how they work
  • Show real-life scenarios of how an attacker can take advantage of the vulnerabilities
  • How to prevent attacks in Oracle E-Business Suite
  • Advantages and disadvantages of the Security Configuration Console
  • The importance of patch management

Speakers

 
Mike Miller

Senior Security Researcher, Onapsis

Michael Miller is a senior security researcher and architect at Onapsis with over twenty years of working with Oracle technologies and applications. He holds several security certifications from (ISC)2 and is a frequent speaker at industry conferences. He has experience securing, managing and delivering cloud-based enterprise services, considerable technical experience and deep knowledge of IT security, enterprise applications and a passion for excellence and the simplification of business processes.

His certifications include Cloud Security Alliance Certificate of Cloud Security Knowledge (CCSK), Certified Information Systems Security Professional (CISSP), Information Systems Security Management Professional (ISSMP), Certified Cloud Security Professional (CCSP), Oracle Corporation Security Customer Advisory Board (2005-2007), ITIL v3 Foundations certified.

He is regularly invited to speak and host trainings at global industry conferences including Blackhat, HackInTheBox, Troopers, and SAP TechEd/DCODE.

 
Jeffrey Hare

Founder and CEO, ERP Risk Advisors

Jeffrey Hare, CPA CIA CISA is the founder and CEO of ERP Risk Advisors. His extensive background includes public accounting (including Big 4 experience), industry, and Oracle Applications consulting experience.

Jeffrey has been working in the Oracle Applications space since 1998 with implementation, upgrade, and support experience. Jeffrey is a Certified Public Accountant (CPA), a Certified Information Systems Auditor (CISA), and a Certified Internal Auditor (CIA). Jeffrey has worked in various countries including Austria, Australia, Brazil, Canada, Germany, Ireland, Mexico, Panama, Saudi Arabia, United Kingdom, and United Arab Emirates. He is a graduate of Arizona State University and lives in northern Colorado with his wife and three daughters.

Request a
Business Risk Illustration

Examine the operational risk and cybersecurity posture of your business-critical applications to determine the potential impact of sub-optimal application performance, unplanned downtime and an attack on your organization’s ERP platforms.

Engage