Umm Al-Qura University

Umm Al-Qura University

Al-Helmani Discovers Security Vulnerabilities in the Systems of International Companies


General News , Featured news , Accomplishments ,
Added on - 2020/05/18  |  اخر تعديل - 2020/05/18


Hamoud Al-Helmani, a computer science student at Umm Al-Qura University, discovered a vulnerability in the German SAP Software Company. It is worth noting that SAP included his name in the list of efforts of cyber security researchers for the month of March 2020 on the page assigned for responding to cyber threats on its official website.

Al-Helmani also discovered two vulnerabilities in Carnegie Mellon University in the USA and LMU Munich in Germany. The latter vulnerability was admitted by Prof. Martin Röckert, who works for the German university. Al-Helmani won thanks and appreciation from the Saudi CERT for his efforts.

Hamoud Al-Helmani, who is a member of the Cyber Security Club at the university branch in Al-Leith, explained that learning programming methods and keeping up with their developments contributed to developing his scientific skill in finding website bugs and bypassing them according to an accurate handling mechanism. As a result, gaps and holes have been discovered in the websites of leading institutions worldwide, under the supervision of the Head of the Department of Information Technology, Dr. Marwan Al-Bahr, and the guidance of the Dean of the College, Dr. Iskandar Husawi.

Al-Helmani contributed, through the vulnerability discovery platform of the Saudi Federation for Cybersecurity, Programming and Drones, by finding security breaches that he managed to discover in some local authorities. Local and international sectors are currently contacting Al-Helmani regarding working to resolve a number of security holes.

It is reported that the student previously discovered a vulnerability with Google on YouTube. It was a hole that allowed the browser to see the user privacy and bypass the security mechanism. Al-Helmani received a reward approved by Google as part of its policy in discovering gaps whose genuineness have been verified by its security team.

Loading