Fundamentals of Assessing Security Controls and the Security Posture of SAP Systems - Webinar von NO MONKEY Security GmbH

Finally, a course to demystify SAP for security professionals! In this Live Online Training, penetration testers and application security experts take a deep dive into the security traits of SAP technology and the organizations and processes running them in boot camp style. After an extensive four-day training, you can organize, plan and conduct assessments on critical SAP business applications in a gray-box approach resulting in a comprehensive description of the security posture of an SAP system. You will learn how to perform vulnerability assessments, code security reviews, access audits, penetration tests, and red-team engagements in an SAP landscape by providing crystal-clear findings and recommendations SAP organizations can relate to. This training is hands-on, structured with a mix of exercises, demonstrations and coaching. New knowledge and skills become directly applicable and easier to recall later. Access to a practice lab along with a ready-to-use set of SAP-specific and agnostic assessment tools provides you with a boilerplate for your future tool chain and SAP security intelligence sources.

Learn how to conduct a comprehensive reconnaissance for SAP software installations on the internet or in a corporate network environment to identify targets and understand network protection measures

Understand common security issues related to the typical use of SAP business software applications to create more specific and practical advice to remediate or mitigate identified vulnerabilitiesI

dentify common vulnerabilities caused by insufficient hardening of SAP system components or their interaction and how they can be used to compromise a system completely

Learn the security traits of some SAP proprietary remote protocols and how an attacker can leverage them for lateral movement and exploitation

Take a journey through the typical roles in an SAP IT department to understand their security responsibilities and conflicts of interest to ask the right stakeholders about information or support required for an assessment or to exploit the organization's processes and traits like attackers do

Gain practical experience to identify and proof the exploit-ability of vulnerabilities without causing business disruption to implement a safe approach to assess the security state of your SAP environment

Understand the different options on how to defend an SAP system against the most common attacks and adversarial techniques by putting SAP-specific and agnostic protective measures in place

Penetration Tester or Red TeamerApplication Security ExpertBlue TeamerIT Security Auditor

Who Else Might Be A Good FitIf you have a traditional background in SAP operations and database administration and want to get into cybersecurity this course is a great fit to help you expand your existing skills with a security point of view