Live Online Training
SAP Security Crash Course for Cybersecurity Professionals

Protect Your Organization’s Critical SAP Systems with Confidence

As a cybersecurity professional, you know that mission-critical SAP systems demand specialized security expertise. SAP environments are unique, with proprietary protocols, specialized coding, and complex architectures that set them apart from other enterprise systems. Without targeted knowledge, identifying and mitigating SAP security risks can be a significant challenge.
NO MONKEY ACADEMY’s SAP Security Crash Course provides you and your team with a comprehensive, hands-on introduction to securing SAP systems from a cybersecurity perspective. In this interactive training, specifically designed for cybersecurity teams, you’ll gain essential skills to address SAP’s unique security challenges and develop strategies to protect your organization’s most sensitive systems effectively.
Duration

32 hours

Live instructor

Learners

Maximum 14 Learners

Language

English

Certification

 Certificate Upon Completion

Price

€ 3200
per Learner

Who’s a Good Fit

This training is ideal for the following roles:
 Information Security Leaders
 Information Security Analysts
 Cyber Defense
 Incident Responders
 SOC Analysts

A Taste of What You Will Learn:

  • Core SAP Security Principles: Start by building a strong foundation in SAP security. This module introduces SAP system architecture and its critical components, helping you understand how various security teams contribute to safeguarding business-critical information. Explore user authentication methods, authorization concepts, and key SAP security controls. Additionally, learn about data encryption strategies, the role of staging and software distribution, and the importance of patch and system management tools for secure and efficient operations.
  • SAP Proprietary Network Security: Dive into the unique aspects of SAP’s network infrastructure and learn how to secure it effectively. This section focuses on applying security measures across SAP communication channels, including network segmentation and secure communication protocols. You’ll also explore strategies to fortify external interfaces, ensuring the protection of sensitive SAP data and minimizing the attack surface posed by third-party integrations.
  • Concepts of Hardening SAP Systems: Understand the foundational principles of hardening SAP systems through a layered security approach. This module covers key techniques for securing SAP services and protocols to reduce vulnerabilities. Gain insights into monitoring and addressing SAP security baselines, and explore how these baselines contribute to maintaining a mature security posture. Learn the essentials of incident response planning, emphasizing how proactive controls can enhance your readiness to respond to emerging threats.
  • Introduction to Secure Interfaces: This module provides an overview of the various types of interfaces that SAP systems connect to, both internal and external, which can pose security risks. You will explore authentication mechanisms used to secure these connections and learn best practices for safeguarding interfaces and third-party integrations. This includes enforcing secure communication protocols and implementing access control measures. Additionally, you will learn the capabilities available to detect and respond to threats, helping you develop the skills needed to monitor these connections effectively and mitigate potential risks.
  • Monitoring and Detecting Threats in an SAP Environment: Equip yourself with the skills to identify and mitigate threats within SAP environments. This module emphasizes the importance of active monitoring, teaching you how to detect suspicious activities and respond quickly to incidents.
  • Hands-On Exercise: Identifying SAP Attack Surfaces: Apply your knowledge in an interactive session by dissecting a real-world SAP architecture to identify potential threats. Implement targeted security controls and develop strategies to mitigate risks effectively.

Course Information

Overview
Who's a Good Fit
Prerequisites
Practice Environment Tools

Information Security Line of Defense

  • Information Security Leaders
  • Information Security Analysis
  • Cyber Defense
  • Incident Responders
  • SOC Analysts

NIST/NICE Cybersecurity Workforce Framework Work Roles


Work Role Title  Work Role ID
Cyber Defense Analyst
 PR-CDA-001
Cyber Defense Incident Responder
 PR-CIR-001

Mandatory:

  • N/A

Recommended:

  • An understanding of the network OSI model.
  • An understanding of the TCP protocol and traits.
  • Different network devices and their use in an IP-based network.
  • Network security architecture concepts, including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • Common controls related to the use, processing, storage, and transmission of data in a network, such as firewalls, reverse proxies, and authentication.

Helpful:

  • NA

SAP Security Training Overview

Number of Modules: 32
Duration: 4 full-days, 32 hours total, (9:00 - 13:00, 14:00 - 18:00 CET)
Class Size: 7-14 participants per class
Investment: €3200 per person (excluding taxes)
Software Version: Unrestricted
Instructor: Waseem Ajrab
Modules Covered in Online Class
  • Understanding SAP Security Fundamentals 
  • SAP Proprietary Network Security
  • Concepts of Hardening SAP Systems
  • Introduction to Secure Interfaces
  • Monitoring and Detecting Threats in an SAP Environment
  • Hands-on Exercise in Identifying an SAP Attack Surface 
*NO MONKEY SAP Security training content is referenced to existing standards for application security such as OWASP, NIST , and SAP recommendations.

Standard:

For this course, you will conduct hands-on practice defining the threat landscape of an SAP environment. You will be assigned to individual groups to work on exercises based on each module.  

In addition you will need:

HTML 5-ready Browser, preferably Edge, Chrome, or Firefox (Optional)  
Zoom client