A Crash Course on SAP-Specific Cyber Attacks & how to Defend Against Them

Open Session
Fundamentals of Cryptography in Business Systems  

Sound knowledge of protection concepts, different implementation styles and attack vectors are the ‘basics’ when it comes to safeguarding cryptographic systems. Getting great at the basics is one of the most important ways to protect against cyber threats and it doesn't take as long as you think. Over the span of 5 hours, IT experts with different disciplines learn together how to  get ‘great’ at managing cryptographic systems in your business IT environment. Structured to be hands-on, security topics are broken down into bite sized concepts with interactive exercises, and demonstrations that make learning directly applicable and easier to recall later. On top of that you will be able ask questions along the way, receive direct feedback, and participate in a ‘ask-anything’ session with your instructor. 
Cost

€ 500 
per learner

Live instructor:

Learners

Maximum 14 Learner

Duration

5 hours

Certification

 Certificate Upon Completion

Start Date

3 July 2023

Who’s a Good Fit

 Developer
 Application Administrators
 Network Administrators
 Cloud Infrastructure Administrators
 Application Security Experts
 Security Architects
 IT Security Auditors

A Taste of What You Will Learn:

  • Understand the protection capabilities of different kinds of cryptographic systems and the challenges using them
  • Through real-world examples you will learn the most common mistakes people make when protecting cryptographic systems how to avoid them
  • Learn how you can compile criteria for the protection traits by regulations, independent advisory and business needs your cryptographic system require
  • Gain practical experience in creating a cryptographic system by creating a public key infrastructure by applying the different steps involved to understand the obstacles for creating and hardening such a system
  • Find out how you can assess the most important parameters of cryptographic system and what questions are relevant to ask to verify if a certain system meets protection goals

Course Information

Overview
Who's a Good Fit
Prerequisites 
Practice Environment Tools

SAP Security Training Overview

Number of Modules: 5
Duration: 5 hours
Duration: 2 days, 5 hours total, (day 1 9:00am - 13:00 CET, day 2* 9:00 – 10:00 CET) *day 2 to be scheduled within 1 month of day 1.
Class size: 7-14 participants per class
Investment: €500 per person (excluding taxes)
Software Version: Unrestricted
Instructor: Marco Hammel
Modules Covered in Training:
  • Fundamental of Cryptography in Business Systems
  • Fundamentals of Assessing Cryptographic Systems
  • Fundamentals of Hardening Cryptographic Setups
  • Fundamentals of Cryptographic Protection Concepts in Cloud Infrastructure
*NO MONKEY SAP Security training content is referenced to existing standards for application security such as OWASP, NIST , and SAP recommendations.

Operations

  • Developer
  • Application Administrators
  • Network Administrators
  • Cloud Infrastructure Administrators

IT Security

  • Application Security Experts
  • Security Architects
  • IT Security Auditors

Who Else Might Be A Good Fit

If you have a technical background but now you work as a team lead or policy maker but need to understand the effort of implementing and operating cryptographic systems required for your organisation.

NIST/NICE Cybersecurity Workforce Framework Work Roles

Systems Developer
Work Role Title Work Role ID
Security Control Assessor SP-RSK-002
Information System Security Developer SP-SYS-001
Software Developer SP-DEV-001
Secure Software Assessor SP-DEV-002
Systems Developer SP-SYS-002
System Administrator OM-ADM-001
IT Program Auditor OV-PMA-005

Mandatory:

  • General understanding of information theory such as the sender and receiver principle
  • Fundamental knowledge of discrete mathematics and statistics

Recommended:

  • Reading and understanding simple source code examples
  • Use command line tools by applying POSIX syntax and read simple BASH or Windows command scripts
  • The general approaches of information security classification by the CIA triad

Helpful:

  • General knowledge on the concepts of public key infrastructures and digital signatures
  • Bracketing and concepts of access management like Biba, Clark-Wilson, Bella-Padula, Chinese Wall

Technical Prerequisites 

For more information, click here

Standard:

For this course you will use a lab environment hosted by us to practice. The lab provides access to an SAP S/4HANA landscape consisting of two stages and a SAP NetWeaver Java application server. You can access to environment by a virtual desktop system with all necessary tools preinstalled

In addition you will need:

The latest version of the OpenSSL software for your operating system found here
A HTML5 ready browser preferably Edge, Chrome, Firefox
(Optional) Zoom