ERP systems based on SAP are the heart of any large company, so it is necessary to secure them in the era of cybercrime. The talk consists of various metrics collected by us about SAP vulnerabilities, services exposed to the Internet, and the dynamics over the last seven years compared with 2013. The top five most valuable SAP issues published in 2012 and the ways to exploit them will also be presented.