HomeServicesSAPSAP Security Trainings

Onapsis Latest Publications

SAP Security In-Depth Vol.4

Read Case Study

Westinghouse Electric

Consulting Services

SAP Security Trainings

The first step in order to mitigate the risks that can affect the critical business information, is to identify them. Therefore, the continuous training and instruction of the customer IT security staff is of absolute importance.

Onapsis provides different in-company seminars and trainings with the goal of transferring the required knowledge so that its customers can decrease the risks of security incidents over their SAP platforms.

Onapsis' experts have been specially invited to hold presentation and trainings in international security conferences in the United States, Netherlands, Germany, Austria, Luxembourg, Italy, Spain, Sweden, Chile, Argentina, Paraguay and Panamá. Furthermore, they have been also contracted to instruct internal staff in Fortune-500 companies, governmental organizations and defense contractors.

SAP Security In-Depth Training Abstract:

Have you ever wondered whether your business-critical SAP implementation was secure? Do you know how to check it? Have you imagined which could be the impact of an attack to your core business platform? Do you know how to prevent it? This training is the answer to these questions.

For many years, SAP security has been a synonym of "segregation of duties" or "securing roles and profiles". While this kind of security is mandatory and of absolute importance, there are many threats that have been so far overlooked and are even more dangerous, such as the possibility of taking remote control of the entire SAP landscape without having any user in any system.

This training will help you to fill this knowledge gap, allowing you to understand the involved threats and risks and how to mitigate them. You will review the whole picture, from the security of the Environment and the SAP application-level gateways (SAProuter, Webdispatcher), through the assessment and hardening of the Operating Systems and Databases and their interaction with the SAP systems up to the security of the SAP Application Layer: Authentication, User security, Password Policies, Authorization subsystem, Interface Security, Component Security, Auditing, Monitoring and more!

The training is organized with many hands-on exercises, which will help you grasp practical knowledge quickly. You will learn how to assess the security of an SAP implementation and then secure the critical security gaps you discovered. You will be able to learn how to use different SAP security tools, as well as the publicly- available SAP Penetration Testing Framework developed by the instructor.

The training also provides a quick introduction to basic SAP concepts, which allows non-SAP security professionals to follow the course smoothly.

In order to get more information about our services, please contact us at