Seven years of research and security assessment focused on enterprise business applications such as ERP, SRM, CRM, and others of top vendors such as SAP, Oracle and Microsoft realize that none of the current guidelines and projects perfectly cover those systems. It pushes us into creating a project started from owasp chapter and later moved to separate project EAS-SEC results of which we will present.