From Exposure to Exploitation: How Attackers Can Access Exposed NetSuite Data

NetSuite is one of the worlds leading ERP systems and handles business critical data for thousands of organisations. My latest research uncovers how many of these organisations are leaking sensitive data to the public through misconfigurations in their access controls, akin to my previous research into ServiceNow and Salesforce. The significance of this is not only the nature of the data exposed, often PII, but also the sheer scale at which I found these exposures to be occurring.

Check out the full technical article on the AppOmni Labs blog.