So this is my attempt to improve on this post I wrote last year and other tests that I find helpful. Whatever is outlined here really is a tip of the iceberg and further tests should definitely be done depending on scope, objectives… Application testing: Controls to test: Default application account credentials Weak application passwordContinue reading “Oracle EBS Security auditing”
Tag Archives: Oracle Enterprise Business Suite
Do you know what your ERP is telling us?
Interesting engagement I had a few weeks ago, a client wanted assurance on their ERP – Oracle E-Business suite, to be specific. I spent a few weeks just to formulate an efficient strategy and be able to cover most controls from an insider threat perspective and an external authenticated attacker angle. For this post, IContinue reading “Do you know what your ERP is telling us?”