Another success for Swascan’s Cyber Security Resarch Team. After the accomplishments gained
with Adobe, Microsoft, Lenovo,Huawei and Nokia it was SAP’s turn, the leading global ERP software
provider, to end up under the watchful eye of Swascan’s magnifying glass. The analysis result
yielded several vulnerabilities of critical level related to SAP’s IT infrastructure.
Swascan, the Italian Cyber Security Company founded by Pierguido Iezzi and Raoul Chiesa, is the
first cloud-based Cybersecurity Testing platform that allows to identify, analyze and solve the
vulnerabilities of websites and information infrastructure.
The first step
Thanks to their expertise in the field of Cyber Security, Swascan’s experts have isolated some highlevel
criticalities that could have potentially compromised SAP. Following the first phase of
identification, a detailed Responsible Vulnerability Disclosure was drawn up where the
vulnerabilities found were highlighted. These, in the hands of Criminal hackers, could have caused
damage to SAP in the field of data and information security and Business continuity.
A Successful cooperation
Following these steps, Swascan immediately made contact with SAP to inform them about the
discoveries and set up an effective remediation activity designed to close the identified criticalities.
SAP’s case was also discussed by Swascan’s Co-Founder, Pierguido Iezzi: “Because we live in the
era of Cyber Crime as a Service, threats and vulnerabilities are growing exponentially. Those who
have the task of protecting business infrastructures and consumers can no longer remain locked up
in their own silo of expertise. Openness to external know-how and experience has become a must.
This is the spirit in which Swascan’s team worked with SAP’s PSIRT.”
The Swascan Cyber Security Research Team’s analysis of the criticalities showed potential risks in
the field of:
There’s strength in numbers
This synergy established between Swascan and SAP is the echoes the words of Pierguido Iezzi: the
skills and tools of the Cyber Security experts can only perform to the their maximum if on the
company side there’s a secure IT infrastructure and a qualified staff able to work in maximum
harmony with its counterparts.
Pierguido Iezzi, CyberSecurity Director
Raoul Chiesa, Swascan co-founder, InfoSec addicted