Übersicht
This hands-on course focuses on securing SAP landscapes across all layers OS, network, database, and application. Participants will explore hardening techniques, logging and auditing, secure configurations for NetWeaver, HANA, and Fiori, and modern authentication methods. Guided attack-and-defense exercises simulate real-world threat scenarios, including RFC Gateway exploits, ABAP credential attacks, and SAP kernel manipulation. The course also covers SAP Cloud Connector, SNC, encryption, and integration with enterprise security tools.
Lernziele
Attacks on SAP system are nowadays daily business. You will face hackers which do have in general a very good SAP Know-how to use smallest security holes to get access to enterprise data. The knowledge of the way of the attacks, attained in the workshop and the sensitization for danger potentials in the own SAP system sharpen consciousness for security questions.
Hinweise
Claranet conducts this training in co-operation with SAP Education.
Please register directly online at SAP Training. You will receive the confirmation of course registration from SAP. You will also be charged directly by SAP. We are looking forward to welcome you in our training rooms at Claranet in Walldorf (D) or Regensdorf (CH) with our certified trainers from Claranet. This course is also available as Virtual Classroom. With the Virtual Classroom you can attend this seminar from home or from your office. It requires an internet connection, a headset, a webcam, and two screens. More information about Virtual Classroom can be found here.
Zielgruppe
This course is intended for SAP system administrators, auditors, team members and team leaders for technical security.
Voraussetzungen
Required knowledge: SAPTEC (SAP NetWeaver:Basics of Application Platform),
ADM100 (SAP Web AS Administration I) and ADM960 (Security in SAP System Environments)
Recommended knowledge: KnowHow regarding security related questions and technical skills (Web Technology ITS, SAP Basis)
Inhalte
- Operating System
- Network File Share Access
- Windows/Linux Hardening
- Cloud - Azure Security Features
- Attacking Windows Remote*
- Database
- Database hardening
- SAP HANA Security
- SAP
- SAP Security Notes / SAP Security Patching
- Overview NetWeaver IdM und GRC Access Control
- Logging and Auditing
- Attack ABAP Credentials*
- Use of SAP kernel programs to manipulate data
- Customizing / Coding / Code manipulation*
- Transport Management
- Read Access Logging (RAL)
- RFC Security
- Unified Connectivity (UCON)
- Gateway Monitor & Security
- RFC Gateway Hack*
- ICM and ICF
- SAP Web Dispatcher
- Message Server
- Automatic Penetration Testing*
- SecStore security*
- SAP Cloud Connector Security
- SAP Fiori Security
- Overview SAP Solution Manager & Agents
- Virus Scan Interface
- Encryption and SNC 2.0
- Network traffic sniffing*
- Authentication & SSO (Kerberos, SPNego, SAML, SAP SSO 3.0)
- Enterprise Thread Detection (ETD)
- is carried out by the participant as attack and defense scenarios in the course, with support from the trainer
Termine
