ERPScan
Promote this Nomination
Photo Gallery
![]() |
ERPScan

Additional Info
Website | https://erpscan.com |
Company size (employees) | 50 |
Headquarters Region | North America |
In 3 bullets, summarize why this company is different from the competition and deserves recognition:Our Product Our Research team ERPScan experts were invited to speak, present and train at 80+ prime international security conferences in 28+ countries all over the world, e.g. BlackHat, RSA, HITB as well as private trainings for SAP in several Fortune 2000 companies. ERPScan researchers conduct a non-profit EAS-SEC project, which is focused on enterprise application security research and awareness. They published 3 exhaustive annual award-winning Threat Reports on SAP Security. All members of our team are qualified experts with experience in many different fields of security, from web applications and mobile/embedded to reverse engineering and ICS/SCADA systems, accumulating their experience to conduct research in SAP system security. Our Recognition |
Brief Overview
ERPScan is one of a few self-funded profitable cybersecurity companies with 315% revenue growth in 2015
Innovation is our core competency. Even before the company was founded our experts and researchers had been renowned for being ahead of market demand.
Product Innovations:
2010 World first enterprise-level platform to monitor SAP security
2011 World first product to analyze SAP J2EE Platform security
2013 World first Product to combine vulnerability Assessment, Source Code Scanning, and
Segregation of Duties checks in one platform
2015 World first product to analyze Oracle PeopleSoft Platform security
2015 Automatic correction for vulnerabilities in the ERP Systems source code
2016 Virtual Patching for 0-day ERP vulnerabilities
2016 The only platform to combine Vulnerability Management, Code Scanning, SoD, and Threat
Detection for ERP Systems
Research Innovations:
2009 World first public presentation about SAP front-end software security
2010 World first public presentation describing attacks on Oracle Business Application (OracleJDE)
2010 Reported world-first vulnerabilities in SAP BusinessObjects
2011 World first public presentation about SAP J2EE security
2012 World first public presentation about Oracle PeopleSoft attacks
2013 Invention of a new type of attacks (SSRF) against SAP and other applications
2013 World first vulnerabilities published in SAP Mobile applications
2014 World first training covering Business Application Security
2015 World first public presentation about SAP Mobile Platform security
2015 World first research about Oil and Gas Cybersecurity
2016 World first SAP Cybersecurity Threat Report
Overall Leadership:
– 3 most critical issues revealed in SAP
– Leaders by the number of founded vulnerabilities in SAP and Oracle (400+)
– 80+ Innovative Presentations at security conference
– Award-winning research series “SAP Security in figures”
– 2nd Place on Top Web Hacking Techniques 2012