Black Hat Europe资料eu-15-Polyakov-Cybersecurity-For-Oil-And-Gas-Industries-How-Hackers-Can-Manipulate-Oil-Stocks-wp.pdfVIP

SAP Cybersecurity for Oil and Gas Alexander Polyakov Matheu Geli SAP Cybersecurity for Oil and Gas Disclaimer2 Intro 3 Oil and Gas Cybersecurity5 Oil and Gas 101 7 Critical Processes11 Enterprise Applications in Oil and Gas 21 SAP in Oil and Gas21 Attacking Oil and Gas 25 ERP entry point 28 Conclusion 36 References 38 Additional reading 39 About ERPScan 40 About ERPScan Research Team 41 Our Contacts 42 1 SAP Cybersecurity for Oil and Gas Disclaimer The partnership agreement and relationship between ERPScan and SAP prevents us from publishing the detailed information about vulnerabilities before SAP releases a patch. This review will only include the details of those vulnerabilities that we have the right to publish as of the release date. However, additional examples of exploitation that prove the existence of the vulnerabilities are available in conference demos as well as at ERPS. Our SAP security surveys and research in other areas of SAP security do not end with this whitepaper. You can find the latest updates about the statistics of SAP services found on the Internet and other endeavors of the EAS-SEC project. This document or any part of it cannot be reproduced in whole or in part without prior written permission of ERPScan. SAP SE is neither the author nor the publisher of this whitepaper and is not responsible for its content. ERPScan is not responsible for any damage that can be incurred by attempting to test the vulnerabilities described here. This publication contains references to SAP SE p