Schedule Introduction


Training Schedule


(AD680) Active Defense – SAP NetWeaver Security Workshop

Code: AD680 v3
Tuition (USD): $4890
Length: 5Days

Have a question? Contact Us

Location: Date Guaranteed to Run:
Live Virtual, US 03/20/2023
Live Virtual, US 06/26/2023
Live Virtual, US 09/25/2023
Live Virtual, US 12/18/2023

Not finding any suitable dates? Contact us for additional availability:

Skills Gained:
Today, attacks on SAP systems are a daily occurrence. You will face hackers with very good SAP knowledge, who use the smallest security holes to get access to enterprise data. This workshop will provide you with knowledge about these attacks, so you can be better prepared for the potential dangers in your own SAP system.
Who Should Attend?
System Managers System Administrators Auditors Technical Security Team Members
  • Essential
  • ADM100
  • ADM960
  • Recommended
  • Knowledge of security topics
  • Technical background (Web technology, SAP Basis) SAP System Administration
What You Will Learn:
  • 1) Operating System
  • a) File System Security* Windows/Linux, Access Control, User concept
  • b) Starting Applications from SAP
  • 2) Database
  • a) Database access (SAP, external)
  • b) DB hardening
  • 3) Network
  • a) Firewall, Proxy servers
  • b) SAP Web Dispatcher*, SAProuter*
  • c) Hacking tools*
  • d) Brute Force Attacks*
  • e) RFC Gateway Hack*
  • 4) SAP
  • a) User authentication and access control
  • b) Access over the client barrier
  • c) Identity Provisioning and Identity Federation with NetWeaver Identity Management
  • d) SSO (logon tickets, SAML, SPNego, etc.)
  • e) Authorisation*
  • f) Switchable authorisation checks
  • g) SAP NetWeaver AS Java
  • h) SQL-Injection
  • i) Automated penetration test*
  • j) SAP Gateway Security*
  • k) Misuse of RFC callback
  • l) Identifying redundant Custom Coding (UPL)
  • m) SAP Security Patching - Best Practise and Tools
  • n) Communication Interfaces (RFC, http(s))*
  • o) Encryption
  • p) Security in transportation*
  • q) Logging and trace option
  • r) SAP Solution Manager, Agents and Wily Introscope Enterprise Manager
  • s) Enhanced Security in Solution Manager 7.2
  • 5) New products , tools and transactions of SAP security related news:
  • a) Enterprise Threat Detection (ETD)
  • b) Read Access Logging (RAL)
  • c) Unified Connectivity (UCON) - introduction
  • d) Authorisation maintenance based on UCON
  • e) Defining different security policies for user groups (secpol)
  • 6) (*)will be simulated by the participant as attacker and defender with help of the trainer
  • Notes
  • • AddOn conducts this training in co-operation with SAP Education.
Course Info:
Course based on software release: SAP NetWeaver 7.02/ SAP NetWeaver 7.4

Course notes and announcements:

This is a SAP CERTIFIED Course. Your course will include Full Class Delivery of the comprehensive standard SAP curriculum agendas, SAP Certified Instructor, Demonstration and Presentation, Student Hands on exercises, Access to SAP Hosted servers/training environment, and SAP Certified participant guides.

This 5 day instructor led course qualifies for 40 CPE Credits. CPE Credits are currently available only for publicly scheduled courses delivered live at SAP locations and our Authorized Education Partner locations.

With virtual live classroom training you get comprehensive training from SAP experts using seamless over-the Web connectivity. The same content delivered in SAP's traditional "brick and mortar" classrooms is presented during virtual live classroom deliveries. As in SAP's traditional classrooms, SAP virtual live classroom stresses hands-on learning providing each registered student with exclusive access to live SAP systems throughout each course. Each Virtual Live class is taught by a SAP Certified Instructor and will include an e-book student guide for you to download and keep. CPE Credits are currently available only for publicly scheduled courses delivered live at SAP locations and our Authorized Education Partner locations. CPE Credits are not available for virtual live classroom sessions.

Not finding any suitable dates? Contact us for additional available dates: