Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: ERP software security issues - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
ERP software security issues
Hi


Our company created a ERP software for mid-size companies. We tested our software with regular routines. Is there any standards or guidelines to check integrity of forms and permissions of them? Does SANS or any other organization have anything about security of ERP softwares and systems? Any hint would be really appreciated.

Best Regards
AMAS
AMAS

1 Posts
Amas,

You might try reviewing the following at OWASP --> owasp.org/index.php/…

Russell
Russell

88 Posts
ISC Handler
Hi,

Assuming that you are running this with a SQL backend, the following must be taken care of

1. Ensure that SQL injection attacks are taken care of. Basically, all SQL vulnerabilities.
2. The application is not running with the super admin login but with reduced rights.
vivkkrishnan2005

1 Posts
Quoting vivkkrishnan2005:Hi,

Assuming that you are running this with a SQL backend, the following must be taken care of

1. Ensure that SQL injection attacks are taken care of. Basically, all SQL vulnerabilities.
2. The application is not running with the super admin login but with reduced rights.



When we work with ERP and like to stay safe

Never use default password, there are thefts that are checking this and default password

Thanks,

Saulo Silva
https://pedidosapp.com
Anonymous

Sign Up for Free or Log In to start participating in the conversation!