- Website: https://erpscan.com
- Company size (employees): 50
- Headquarters Region: North America
In 3 bullets, summarize why this company deserves recognition
We have the only solution on the market that enables effective Identification, Analysis and Remediation and Detection of security issues and attacks in SAP and Oracle business applications and helps to protect system against cyber-attacks and internal fraud. It embraces the four tiers of SAP security: Vulnerability Management, Source Code Security for custom ABAP and JAVA programs, and Segregation of Duties and Threat Detection. And finally, it has Industry-specific checks for such fields as Oil and Gas, Retail, Manufacturing and others.
Our Research team
ERPScan research team won the recognition of the largest software vendors like SAP, Oracle, Microsoft, IBM, VMware, HP for exposing 400+ vulnerabilities and was nominated for the best server-side vulnerability in BlackHat 2013.
ERPScan experts were invited to speak, present and train at 80+ prime international security conferences in 28+ countries all over the world, e.g. BlackHat, RSA, HITB as well as private trainings for SAP in several Fortune 2000 companies.
ERPScan researchers conduct a non-profit EAS-SEC project, which is focused on enterprise application security research and awareness. They published 3 exhaustive annual award-winning Threat Reports on SAP Security.
All members of our team are qualified experts with experience in many different fields of security, from web applications and mobile/embedded to reverse engineering and ICS/SCADA systems, accumulating their experience to conduct research in SAP system security.
- We got 35+ Awards including SC Magazine Rookie Company and CRN Emerging Vendor during last 2 years and were mentioned in The Guardian, Wired, VICE, Business Insider, Reuters, The Register, and other media sources in 20+ countries without ANY investment on PR agencies.
In less than 300 words, summarize the achievements of the company in the nominated category
ERPScan is one of a few self-funded profitable cybersecurity companies with 315% revenue growth in 2015
Innovation is our core competency. Even before the company was founded our experts and researchers had been renowned for being ahead of market demand.
2010 World first enterprise-level platform to monitor SAP security
2011 World first product to analyze SAP J2EE Platform security
2013 World first Product to combine vulnerability Assessment, Source Code Scanning, and
Segregation of Duties checks in one platform
2015 World first product to analyze Oracle PeopleSoft Platform security
2015 Automatic correction for vulnerabilities in the ERP Systems source code
2016 Virtual Patching for 0-day ERP vulnerabilities
2016 The only platform to combine Vulnerability Management, Code Scanning, SoD, and Threat
Detection for ERP Systems
2009 World first public presentation about SAP front-end software security
2010 World first public presentation describing attacks on Oracle Business Application (OracleJDE)
2010 Reported world-first vulnerabilities in SAP BusinessObjects
2011 World first public presentation about SAP J2EE security
2012 World first public presentation about Oracle PeopleSoft attacks
2013 Invention of a new type of attacks (SSRF) against SAP and other applications
2013 World first vulnerabilities published in SAP Mobile applications
2014 World first training covering Business Application Security
2015 World first public presentation about SAP Mobile Platform security
2015 World first research about Oil and Gas Cybersecurity
2016 World first SAP Cybersecurity Threat Report
– 3 most critical issues revealed in SAP
– Leaders by the number of founded vulnerabilities in SAP and Oracle (400+)
– 80+ Innovative Presentations at security conference
– Award-winning research series “SAP Security in figures”
– 2nd Place on Top Web Hacking Techniques 2012
- Vote For This Nomination