SAP Security Training
SAP Through the Eyes of an Attacker
An independent, instructor-led SAP security training that empowers both seasoned professionals and beginners with in-depth knowledge and hands-on skills to secure critical SAP ERP systems - taught from the attacker's perspective, with real-world labs.
Request training See the agendaWhat is the RedRays SAP security training?
The RedRays SAP security training is a hands-on, instructor-led course that teaches you to secure SAP systems through the eyes of an attacker - covering threat analysis, vulnerability assessment and attack-mitigation techniques across the real SAP stack, so you can find and fix weaknesses before attackers do.
Course overview
The program covers the fundamental concepts of the SAP environment - the architectures of SAP ABAP, SAP NetWeaver, SAP AS Java and SAP Cloud - with a special emphasis on modern technologies such as SAP Fiori (OData & UI5) and S/4HANA on the in-memory HANA database.
Throughout the training you engage in real-world scenarios and hands-on labs covering threat analysis, vulnerability assessment and attack mitigation - including RFC vulnerabilities, attacks on SAP NW Java, privilege-escalation methods, and reverse engineering of SAP patches for both ABAP and Java environments.
Agenda
A meticulously structured two-day program that balances theory with extensive hands-on exercises - a progressive journey through the SAP security landscape.
Day 1 Attack ABAP & S/4HANA
VA / PT / TM & tools
Fundamental methodologies for security assessment - vulnerability assessment, penetration testing and threat modeling for SAP environments.
Attack on SAP S/4HANA
Common and advanced vulnerabilities in SAP ECC, S/4HANA, Business Suite and NetWeaver AS ABAP.
Vulnerability exploitation
Deep dive into SAP-specific exploitation - including RFC callback attacks and debug-mode exploitation.
Enqueue / Message Server issues
Security issues in the SAP Enqueue Server and Message Server, including "phantom attacker" techniques that bypass SAP ABAP lock functionality.
Day 2 Attack Java & Cloud
Attack on SAP NW Java
Critical vulnerabilities in the SAP NetWeaver Java stack - authentication bypasses, directory traversals and Java deserialization attacks.
P4 exploitation
Techniques for exploiting SAP's proprietary P4 remote method invocation technology.
SAP Cloud Connector
Security issues in SAP Cloud Connector - the bridge that connects cloud applications with on-premise systems.
Forensic tricks
Essential SAP forensics - five core techniques to identify compromises and threats.
Instructor
Vahagn Vardanian
A recognized expert in SAP security with over a decade of experience and a track record of identifying more than 150 vulnerabilities. Vahagn equips you with the practical expertise needed to protect your SAP landscape against sophisticated cyber threats.
Put your skills to work
Pair the training with hands-on SAP security services from the same team.
SAP security training FAQ
What is the RedRays SAP security training?
It is an independent, instructor-led SAP security course that teaches you to secure SAP systems through the eyes of an attacker - covering threat analysis, vulnerability assessment and attack mitigation across SAP ABAP, NetWeaver, AS Java, Cloud, Fiori and S/4HANA, with hands-on labs.
Who should attend the SAP security training?
Both seasoned professionals and beginners - SAP security, Basis and ABAP specialists, penetration testers, and security teams who need practical skills to protect critical SAP ERP systems.
Is the training online or on-site?
Both. The training is delivered online or on-site at your choice, as a two- to three-day program with a six-hour session each day followed by an interactive Q&A.
Do I need prior SAP security experience?
No. The course starts with the fundamentals of the SAP environment and progresses to advanced exploitation, so it works for beginners while still challenging experienced professionals.
What topics does the agenda cover?
Day 1 covers VA/PT/TM methodologies, attacks on S/4HANA and ABAP, vulnerability exploitation, and Enqueue/Message Server issues. Day 2 covers SAP NW Java attacks, P4 exploitation, SAP Cloud Connector, and SAP forensic techniques.
Request the SAP security training
Tell us about your team - we'll tailor the format (online or on-site) and schedule.
