Sap
ITWeb Security Summit 2012
This year, for the fourth time, myself and some others here at SensePost have worked together with the team from ITWeb in the planning of their annual Security Summit. A commercial conference is always (I suspect) a delicate balance between the different drivers from business, technology and ‘industry’, but this year’s event is definitely our best effort thus far. ITWeb has more than ever acknowledged the centrality of good, objective…
Systems Applications Proxy Pwnage
[2011/9/6 Edited to add Slideshare embed] I am currently in London at the first ever 44con conference. It’s been a fantastic experience so far – excellent talks & friendly people. Yesterday, I presented a paper titled “Systems Applications Proxy Pwnage” . The talk precis sums it up nicely: It has been common knowledge for a number of years that SAP GUI communicates using an unencrypted and compressed protocol by default,…
Page 1 of 1