Detailed Training Overview

Day 1: Foundations and Key Concepts

1. Introduction to SAP Security and Its Importance

This section provides an overview of the significance of SAP Security, discussing the business risks and operational impacts of security breaches in SAP systems. Participants will gain an understanding of the critical importance of protecting SAP systems.

2. Overview of Common SAP Software and Architectures

Here, participants will become familiar with different types of SAP software and study SAP system architectures. This foundational understanding is necessary for subsequent comprehension of security concepts and vulnerabilities.

3. SAP Ports and Services

This section will conduct a detailed review of open services and ports in various types of SAP systems. Participants will gain practical understanding of potential entry points for attacks, which is crucial for effective security provision.

4. Tools for SAP Security Assessment

This hands-on section is dedicated to testing and using various tools and software for SAP Security assessment. Participants will gain practical experience with security tools in real-world scenarios.

5. OWASP in SAP

This section will examine critical and interesting vulnerabilities discovered in SAP in the past. Applying OWASP concepts in the SAP context will provide a broader understanding of how common web application vulnerabilities manifest in the SAP environment.

6. Segregation of Duties (SoD) Concept in SAP from Attacker’s Point of View

This section is devoted to understanding SoD from a security perspective. Examining this concept from an attacker’s point of view will aid in identifying weaknesses and reinforcing security measures.

7. Critical SAP T-codes: Security Implications and Controls

This section will explore T-Codes and their impact on security. Participants will learn about methods to mitigate risks associated with T-Code misuse, which is critical for ensuring the security of SAP functionality.

8. Remote Function Call (RFC) Security

This section addresses security concerns related to RFCs in SAP. Securing RFCs is crucial as they are often targeted in attacks due to their ability to execute functions remotely.

9. RMI Security

Here, security aspects of Remote Method Invocation (RMI) in SAP will be covered. Participants will learn how to secure RMI, preventing unauthorized remote method calls.

10. SAP Profile Parameters

This section is dedicated to discussing security-related SAP profile parameters. Correct configuration of profile parameters is essential for securing SAP systems. Best practices and common configuration mistakes will be covered here.

 

 

Day 2: Vulnerabilities and Exploitation

1. Vulnerability Detection

This section will review methods for detecting vulnerabilities in SAP. Participants will learn about the importance of staying updated with the latest vulnerabilities and detection methods for proactive security management.

2. Analyzing Structure of SAP Patches and PoC Development

This technical section is devoted to understanding how SAP patches are structured and how to develop Proof of Concept (PoC) exploits. Participants will gain deep insight into how to apply patches effectively and the potential risks if not applied correctly.

3. Critical Vulnerabilities for SAP Systems and SAP Landscape Compromission Vectors

This section will provide a detailed analysis of critical vulnerabilities and compromission vectors in SAP systems. Participants will study vulnerabilities such as directory traversal and privilege escalation, gaining insights into how attackers exploit these weaknesses and how to defend against them. Special attention will be given to topics such as the reasons for the high danger of directory traversal, risks associated with developer privileges, methods of escalating privileges to SYSTEM level, and techniques for decrypting various secure storages in SAP systems.