Threat intelligence indicates that threat actors have been evolving in recent years to target and exploit SAP applications to deploy ransomware, perform financial fraud, access SAP information, and use SAP application infrastructure. Join this session to review the threat actors that target SAP applications and understand their tactics, techniques, procedures, and motivations. This session will incorporate a deep dive into the latest zero-day exploitation of CVE-2025-31324, which led to the compromise of hundreds of SAP applications worldwide. Additionally, you will learn from practical examples of techniques used by real threat actors. Understand how to assess, detect and prevent these attacks through practical security measures that organizations must take to secure their SAP landscape, including SAP S/4HANA and applications exposed through SAP BTP.

This session will cover:

• Known exploited vulnerabilities, attack vectors, and indicators of compromise that can help organizations detect security incidents affecting SAP applications.

• Practical mitigations and controls to secure SAP applications against known attacks.

• Simple steps to improve the security of SAP applications across on-premise and cloud environments.