sap-training-courses

Active Defense – SAP NetWeaver Security Workshop

Today, attacks on SAP systems are a daily occurrence. You will face hackers with very good SAP knowledge, who use the smallest security holes to get access to enterprise data. This workshop will...

Read More
$4,890 USD
Course Code AD680-v003
Duration 5 days
Available Formats Virtual, Classroom
6118 Reviews star_rate star_rate star_rate star_rate star_half
Course Image

Today, attacks on SAP systems are a daily occurrence. You will face hackers with very good SAP knowledge, who use the smallest security holes to get access to enterprise data. This workshop will provide you with knowledge about these attacks, so you can be better prepared for the potential dangers in your own SAP system.

Who Can Benefit

  • System Managers
  • System Administrators
  • Auditors
  • Technical Security Team Members

Prerequisites

  • ADM100
  • ADM960
  • Recommended: Knowledge of security topics and technical background (Web technology, SAP Basis) SAP System Administration

Course Details

Course based on software release

  • SAP NetWeaver 7.02/ SAP NetWeaver 7.4

Content

Operating System

  • File System Security* Windows/Linux, Access Control, User concept
  • Starting Applications from SAP

Database

  • Database access (SAP, external)
  • DB hardening

Network

  • Firewall, Proxy servers
  • SAP Web Dispatcher*, SAProuter*
  • Hacking tools*
  • Brute Force Attacks*
  • RFC Gateway Hack*

SAP

  • User authentication and access control
  • Access over the client barrier
  • Identity Provisioning and Identity Federation with NetWeaver Identity Management
  • SSO (logon tickets, SAML, SPNego, etc.)
  • Authorisation*
  • Switchable authorisation checks
  • SAP NetWeaver AS Java
  • SQL-Injection
  • Automated penetration test*
  • SAP Gateway Security*
  • Misuse of RFC callback
  • Identifying redundant Custom Coding (UPL)
  • SAP Security Patching - Best Practise and Tools
  • Communication Interfaces (RFC, http(s))*
  • Encryption
  • Security in transportation*
  • Logging and trace option
  • SAP Solution Manager, Agents and Wily Introscope Enterprise Manager
  • Enhanced Security in Solution Manager 7.2

New products , tools and transactions of SAP security related news:

  • Enterprise Threat Detection (ETD)
  • Read Access Logging (RAL)
  • Unified Connectivity (UCON) - introduction
  • Authorisation maintenance based on UCON
  • Defining different security policies for user groups (secpol)

(*)will be simulated by the participant as attacker and defender with help of the trainer

Contact Us 1-800-803-3948
Contact Us
FAQ Get immediate answers to our most frequently asked qestions. View FAQs arrow_forward