Learn To Catch Security Vulnerabilities On The SAP Business Technology Platform (BTP) -
Before They Go Live!

Open Sessions
Fundamentals Of Developing Secure Cloud Foundry Apps On The SAP BTP

Offered exclusively by NO MONKEY, this online classroom training brings together the SAP operations and IT Security lines of defense. It teaches them how to put preventive controls in place to detect and manage JavaScript code security flaws in the SAP BTP Cloud Foundry framework. In 4 hours, your organization will gain essential skills to reduce enterprise risk, identify security blind spots and break up silo culture. Training modules are delivered live by our NO MONKEY SAP Security experts, referenced to existing standards for application security, and based on secure coding best practices.
Cost

€ 400
per learner

Live instructor

Learners

Maximum 14 Learners

Duration

4 hours

Certification

 Certificate Upon Completion

Date

24 April 2023

Who’s a Good Fit

 SAP Business Technology Platform Developer
 Development Consultant
 Code Security Consultant
 Application Security Expert

A Taste of What You Will Learn:

  • Understand why traditional application security approaches don’t work in the SAP BTP environment and what approaches and practices work best to secure Cloud Foundry Apps on SAP BTP
  • Take a journey through the security capabilities and limitations of Cloud Foundry and Node.JS.
  • Learn the common security vulnerabilities and application threats that result from misconfiguration and coding errors. Discover how to identify and prevent them earlier on during development and resolve them faster when they occur
  • Identify the main threats and drivers of security issues within PaaS environment and which free tools are available to help you conquer them
  • Gain practical experience to address security flaws within SAP BTP applications throughout the software development life cycle (SDLC) efficiently by learning which controls to implement that prevent the release of vulnerabilities
  • Find out who to notify within your organization about missing or insufficient security requirements and design flaws and how to resolve it
  • Learn the most critical vulnerabilities to look out for during the review and testing phases and how to quickly address the issues you find

Course Information

Overview
Who's a Good Fit
Prerequisites
Practice Environment Tools

Audit Line of Defense

  • SAP Business Technology Platform Developer
  • Development Consultant

Information Security Line of Defense

  • Code Security Consultant
  • Application Security Expert

Who Else Might Be A Good Fit

If you have a traditional ABAP® development background and are just beginning with Javascript this course is a great fit to help you understand JavaScript and CDS Views from a security point of view and enhance your capability to develop secure apps

NIST/NICE Cybersecurity Workforce Framework Work Roles

Work Role Title Work Role ID
SAP Software Developer (for SAP BTP) SP-DEV-001
(SAP) Secure Software Assessor SP-DEV-002
SAP Security Architect SP-ARC-002

SAP Security Training Overview

Number of Modules: 4
Duration: 1 half-day, 4 hours total, (9:00 – 13:00 CET)
Class size: 7-14 participants per class
Investment: €400 per person (excluding taxes)
Software Version: Unrestricted
Instructor: Marco Hammel
Modules Covered in Training:
  • Fundamental Threats to PaaS Cloud Applications
  • Overview of Protective Capabilities in Cloud Foundry on SAP Business Technology Platform
  • Fundamental Node.JS Code Security Flaws for Cloud Foundry Applications
  • Fundamental Code Security Aspects for Node.JS Applications on Cloud Foundry
*NO MONKEY SAP Security training content is referenced to existing standards for application security such as OWASP, NIST , and SAP recommendations.

Mandatory:

  • General knowledge on application software programming

Recommended:

  • Basic knowledge on the SAP Business Technology Platform

Helpful:

  • Common knowledge on the opinionated concept of Cloud Foundry
  • Basic understanding of the SAP Cloud Application Programming Model

Technical Prerequisites 

For more information, click here

Standard:

For BTP courses you will use the SAP BTP trial environment to practice. The account is free of charge and provided by SAP. If you do not have an account already, you will need to create one here 

In addition you will need:

Github Sample and exercise code here 
The Cloud Foundry CLI utilities