A Crash Course On SAP-Specific Cyber Attacks And How To Defend Against Them.

Live Online Training
Fundamentals of Cryptography in Business Systems  

Sound knowledge of protection concepts, different implementation styles and  attack vectors are the ‘basics’ when it comes to safeguarding cryptographic systems. Getting great at the basics is one of the most important ways to protect against cyber threats and it doesn't take as long as you think. Over the span of 5 hours, IT experts with different disciplines  learn together how to  get ‘great’ at managing cryptographic systems in your business IT environment. Structured to be hands-on, security topics are broken down into bite sized concepts with interactive exercises, and demonstrations that make learning directly applicable and easier to recall later. On top of that you will be able ask questions along the way, receive direct feedback, and participate in a ‘ask-anything’ session with your instructor. 
Duration

5 hours

Live instructor:

Learners

Maximum 14

Access and Infrastructure

Certification

 Certificate Upon Completion

Price

500 € per learner

Who’s a Good Fit

 Developer

 Application Administrators

 Network Administrators

 Cloud Infrastructure Administrators

 Application Security Experts

 Security Architects

 IT Security Auditors

A Taste of What You Will Learn:

  • Understand the protection capabilities of different kinds of cryptographic systems and the challenges using them.
  • Through real-world examples you will learn the most common mistakes people make when protecting cryptographic systems how to avoid them.
  • Learn how you can compile criteria for the protection traits by regulations, independent advisory and business needs your cryptographic system require.
  • Gain practical experience in creating a cryptographic system by creating a public key infrastructure by applying the different steps involved to understand the obstacles for creating and hardening such a system
  • Find out how you can assess the most important parameters of cryptographic system and what questions are relevant to ask to verify if a certain system meets protection goals

Course Information

Overview
Who's a Good Fit
Prerequisites
Practice Environment Tools

Operations

  • Developer

  • Application Administrators

  • Network Administrators

  • Cloud Infrastructure Administrators


IT Security

  • Application Security Experts

  • Security Architects

  • IT Security Auditors

NIST/NICE Cybersecurity Workforce Framework Work Roles
Work Role Title Work Role ID
Security Control Assessor SP-RSK-002
Information System Security Developer SP-SYS-001
Software Developer SP-DEV-001
Secure Software Assessor SP-DEV-002
Systems Developer SP-SYS-002
System Administrator OM-ADM-001
IT Program Auditor
OV-PMA-005

Who Else Might Be A Good Fit

  • If you have a technical background but now you work as a team lead or policy maker but need to understand the effort of implementing and operating  cryptographic systems required for your organisation.

         Mandatory:

  • General understanding of information theory such as the sender and receiver principle
  • Fundamental knowledge of discrete mathematics and statistics

Recommended:

  • Reading and understanding simple source code examples
  • Use command line tools by applying POSIX syntax and read simple BASH or Windows command scripts
  • The general approaches of information security classification by the CIA triad

Helpful:

  • General knowledge on the concepts of public key infrastructures and digital signatures
  • Bracketing and concepts of access management like Biba, Clark-Wilson, Bella-Padula, Chinese Wall.



For this course you will use a lab environment hosted by us to practice. The lab provides access to an SAP S/4HANA landscape consisting of two stages and a SAP NetWeaver Java application server. You can access to environment by a virtual desktop system with all necessary tools preinstalled.

In addition you will need:

The latest version of the OpenSSL software for your operating system https://www.openssl.org/source/ 

A HTML5 ready browser preferably Edge, Chrome, Firefox

(Optional) Zoom

SAP Security Training Overview

Number of Modules: 5
Duration:
5 hours
Duration: 2 days, 5 hours total, (day 1 9:00am - 13:00 CET, day 2* 9:00 – 10:00 CET) *day 2 to be scheduled within 1 month of day 1.
Class size: 7-14 participants per class
Investment: 500 EUR per person taxes excluded
Software Version: Unrestricted
Instructor:  Marco Hammel

Modules Covered in Training:
  • Fundamental of Cryptography in Business Systems
  • Fundamentals of Assessing Cryptographic Systems
  • Fundamentals of Hardening Cryptographic Setups
  • Fundamentals of Cryptographic Protection Concepts in Cloud Infrastructure

*NO MONKEY SAP Security training content is referenced to existing standards for application security such as OWASP, NIST , and SAP recommendations.