SAP, Credit Cards, and the Bird That Knows Too Much
Offered By: Black Hat via YouTube
Course Description
Overview
Explore SAP vulnerabilities, credit card security, and business process attacks in this Black Hat conference talk. Dive into core attack vectors, learn how to determine and manipulate victim bank accounts, and understand credit card processing in SAP systems. Discover methods for accessing cleartext cardholder information and decrypting encrypted credit card numbers. Examine external vendor payment solutions and their connectivity. Gain insights into implementing holistic security processes and automation to protect SAP environments. Equip yourself with knowledge on SAP security best practices and potential threats in this comprehensive 44-minute presentation.
Syllabus
Intro
Attacking the Core
Attack Vectors
How can it be attacked?
What is a Business Process?
Example: Attacking the Business Processes
Determining Victim Bank Accounts
Changing the Bank Accounts
End of Chapter!
Credit Card Processing on SAP
Credit Card Data
Accessing Cleartext Cardholder information
Free Tool? - Sapsucker
Decrypting Encrypted Credit Card Numbers
External Vendors for Payment Solutions
Standard Concept
External Payment Card Interface Connectivity
Address The Complete Picture
Implement a Holistic Process to Stay Secure
Automate it
The Menu of SAP Security
Taught by
Black Hat
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network