OWASP Frankfurt #62 - SAP from the Attackers side & CI/CD Orchestration

Hi all, we are delighted to host the next in-person event in Frankfurt! For this event, we will have a range of interesting talks delivered by leaders within Product & Cyber Security. There will also be plenty of time to socialize before and after the event.

_What's going to happen?

We look forward to welcoming you to our OWASP Frankfurt Meetup hosted by codecentric AG.

_What are we going to talk about?

My CI/CD pipeline contains all security tools available! Now what...?

Jasmin Mair - Experienced application security professional and global product security manager at Leica Microsystems.

Tools are helpful to enable DevSecOps, many challenges and pitfalls highlight the need for a cultural shift. Explore issues such as security resistance, conflicting KPIs and organizational silos. Real-world examples and best practices will provide actionable insights to overcome these obstacles.

Talk 2 - SAP from an Attacker’s Perspective – Common Vulnerabilities and Pitfalls

Nicolas Schickert, penetration tester at usd AG, spearheading the SAP pentest team & Tobias Hamann penetration tester at usd AG with an interest in reverse engineering and vulnerability research

This talk will give an overview of vulnerabilities discovered during SAP pentests and what approach was taken to assess an SAP system’s security. One significant aspect of this talk will be sharing real-world examples of SAP vulnerabilities that were discovered during pentesting. This will help the audience to understand the practical implications of these vulnerabilities and how they can be exploited by attackers. Overall, the takeaway for the audience will be a better understanding of common SAP vulnerabilities, the potential impact of these vulnerabilities, and practical ways to mitigate them. By the end of this presentation, the audience will be equipped with the knowledge and tools needed to secure their SAP systems and prevent attacks.

_Afterwards? We will pre- and conclude the evening with the possibility of socializing at the venue with free food and cold & hot drinks kindly provided by codecentric AG. Due to the hard end at 21.30, everyone interested can join us at the Bockenheimer Weinkontor (https://goo.gl/maps/6DWRcgFEH27FkaDb8) for drinks at their own cost.

_When?

Our Meetup takes place on 21.09.2023 from 17.30 to 21.30 o'clock CEST.

_Where?

codecentric AG, Lise-Meitner-Straße 4, 60486 Frankfurt am Main

_Interested in giving a talk yourself?

Submit your talk here: https://www.papercall.io/owasp-chapter-frankfurt

_And now?

Save the date, spread the word, and bring your friends and colleagues along to our event.

_Follow Us!

Also, follow us on Twitter #owasp_frankfurt and refer to our OWASP Frankfurt site for information including slides and recordings of previous presentations

We're looking forward to seeing you for this in-person event!