Enterprise resource planning (ERP) from SAP and other monolithic enterprise applications from big vendors like Oracle are at risk from multiple forms of attack, according to Juan Pablo Perez-Etchegoyen, CTO of cybersecurity firm Onapsis.
In a video demonstration at the Black Hat USA security conference in Las Vegas, Perez-Etchegoyen detailed multiple weaknesses and attack vectors for popular enterprise applications.
"There are security problems that are the same for many business critical applications," he said.
The security issues are due to multiple factors including complexity, proprietary protocols, change management procedures and interfaces. While both Oracle and SAP patch for security vulnerabilities in regular updates, Perez-Etchegoyen emphasized that not all security considerations can be addressed by patching alone.
"It's very easy to have one system that is not protected that can be used to compromise the rest of the system," Perez-Etchegoyen warned.
Watch the full video with Perez-Etchegoyen below:
Sean Michael Kerner is a senior editor at Enterprise Apps Today and InternetNews.com. Follow him on Twitter @TechJournalist.