Good news for everyone who likes to keep hackers and industrial spies on the other side of their network defenses: There is a full load of SAP security talks, SAP vulnerability demos, SAP risk discussions and even a “capture the flag” (CTF) contest at this year’s Troopers conference in Heidelberg.
On March 17, there will be a hands-on workshop hosted by BIZEC.org.
Various renowned SAP security companies provide “capture the flag” challenges on various SAP platforms, including AS ABAP and HANA. “Capture the flag” means that participants are challenged to find (specifically prepared) weak spots in demo systems. Of course there will be some hints and guidance by the trainers. There will also be talks on authorization concepts and a joined forensic analysis of the traces the participants left when trying to find the weak spots…
On March 18, there is an impressive line-up of top security researchers demonstrating SAP security risks and (former) 0-day vulnerabilities they discovered and reported to SAP. There will be 7 talks that provide a good overview of current SAP risks and mitigation strategies.
It’s a rare opportunity to get in touch with so many independent SAP security experts at once, including the top 6 SAP security research companies (by number of 0-days reported).
Further details via www.troopers.de. (See “Agenda” and “Trainings”)
My conclusion: see you there!