Promote this Nomination

Additional Info

Company size (employees)50
Headquarters RegionNorth America


ERPScan is one of a few self-funded profitable cybersecurity companies with 315% revenue growth in 2015

Innovation is our core competency. Even before the company was founded our experts and researchers had been renowned for being ahead of market demand.

Product Innovations:

2010 World first enterprise-level platform to monitor SAP security

2011 World first product to analyze SAP J2EE Platform security

2013 World first Product to combine vulnerability Assessment, Source Code Scanning, and

Segregation of Duties checks in one platform

2015 World first product to analyze Oracle PeopleSoft Platform security

2015 Automatic correction for vulnerabilities in the ERP Systems source code

2016 Virtual Patching for 0-day ERP vulnerabilities

2016 The only platform to combine Vulnerability Management, Code Scanning, SoD, and Threat

Detection for ERP Systems

Research Innovations:

2009 World first public presentation about SAP front-end software security

2010 World first public presentation describing attacks on Oracle Business Application (OracleJDE)

2010 Reported world-first vulnerabilities in SAP BusinessObjects

2011 World first public presentation about SAP J2EE security

2012 World first public presentation about Oracle PeopleSoft attacks

2013 Invention of a new type of attacks (SSRF) against SAP and other applications

2013 World first vulnerabilities published in SAP Mobile applications

2014 World first training covering Business Application Security

2015 World first public presentation about SAP Mobile Platform security

2015 World first research about Oil and Gas Cybersecurity

2016 World first SAP Cybersecurity Threat Report

Overall Leadership:

– 3 most critical issues revealed in SAP

– Leaders by the number of founded vulnerabilities in SAP and Oracle (400+)

– 80+ Innovative Presentations at security conference

– Award-winning research series “SAP Security in figures”

– 2nd Place on Top Web Hacking Techniques 2012

How we are different

Our Product
We have the only solution on the market that enables effective Identification, Analysis and Remediation and Detection of security issues and attacks in SAP and Oracle business applications and helps to protect system against cyber-attacks and internal fraud. It embraces the four tiers of SAP security: Vulnerability Management, Source Code Security for custom ABAP and JAVA programs, and Segregation of Duties and Threat Detection. And finally, it has Industry-specific checks for such fields as Oil and Gas, Retail, Manufacturing and others.

Our Research team
ERPScan research team won the recognition of the largest software vendors like SAP, Oracle, Microsoft, IBM, VMware, HP for exposing 400+ vulnerabilities and was nominated for the best server-side vulnerability in BlackHat 2013.

ERPScan experts were invited to speak, present and train at 80+ prime international security conferences in 28+ countries all over the world, e.g. BlackHat, RSA, HITB as well as private trainings for SAP in several Fortune 2000 companies.

ERPScan researchers conduct a non-profit EAS-SEC project, which is focused on enterprise application security research and awareness. They published 3 exhaustive annual award-winning Threat Reports on SAP Security.

All members of our team are qualified experts with experience in many different fields of security, from web applications and mobile/embedded to reverse engineering and ICS/SCADA systems, accumulating their experience to conduct research in SAP system security.

Our Recognition
- We got 35+ Awards including SC Magazine Rookie Company and CRN Emerging Vendor during last 2 years and were mentioned in The Guardian, Wired, VICE, Business Insider, Reuters, The Register, and other media sources in 20+ countries without ANY investment on PR agencies.