Scores of Vulnerable SAP Deployments Uncovered 118
mask.of.sanity writes "Hundreds of organizations have been detected running dangerously vulnerable versions of SAP that were more than seven years old and thousands more have placed their critical data at risk by exposing SAP applications to the public Internet. The new research found the SAP services were inadvertently made accessible thanks to a common misconception that SAP systems were not publicly-facing and remotely-accessible. The SAP services contained dangerous vulnerabilities which were since patched by the vendor but had not been applied."
Re:Law should require transparency (Score:5, Informative)
Re:Security and Market Dominance by Obscurity (Score:4, Informative)
Implementations typically run in timescales of years and millions of dollars, with teams of developers, DBAs, etc. The software suite is a canned solution that you then slightly (or vastly) modify to tailor to your business needs. ( My job as a systems & storage administrator at a major US-based snack food company has me managing the ~30 Linux servers that run our Oracle databases on the DB tier and Oracle EBusiness suite at the application tier, backed by all manner of storage arrays, NAS devices, FC SANs, load balancers, etc, etc. Fun stuff! )
Think of it as Quicken, but on a very large scale.