Skip links
SAP Security · Training

SAP Security Training

SAP Through the Eyes of an Attacker

An independent, instructor-led SAP security training that empowers both seasoned professionals and beginners with in-depth knowledge and hands-on skills to secure critical SAP ERP systems - taught from the attacker's perspective, with real-world labs.

Request training See the agenda
◆ SAP through the eyes of an attacker You beginner to pro Day 1 · Attack ABAP & S/4HANA VA / PT / TM · exploitation Enqueue / Message Server Day 2 · Attack Java & Cloud NW Java · P4 · Cloud Connector forensic tricks Defend your SAP
2-3 daysstructured program
6-hour sessions+ interactive Q&A
Online or on-siteyour choice
Hands-on labsreal-world scenarios

What is the RedRays SAP security training?

The RedRays SAP security training is a hands-on, instructor-led course that teaches you to secure SAP systems through the eyes of an attacker - covering threat analysis, vulnerability assessment and attack-mitigation techniques across the real SAP stack, so you can find and fix weaknesses before attackers do.

Course overview

The program covers the fundamental concepts of the SAP environment - the architectures of SAP ABAP, SAP NetWeaver, SAP AS Java and SAP Cloud - with a special emphasis on modern technologies such as SAP Fiori (OData & UI5) and S/4HANA on the in-memory HANA database.

Throughout the training you engage in real-world scenarios and hands-on labs covering threat analysis, vulnerability assessment and attack mitigation - including RFC vulnerabilities, attacks on SAP NW Java, privilege-escalation methods, and reverse engineering of SAP patches for both ABAP and Java environments.

Agenda

A meticulously structured two-day program that balances theory with extensive hands-on exercises - a progressive journey through the SAP security landscape.

Day 1 Attack ABAP & S/4HANA

VA / PT / TM & tools

Fundamental methodologies for security assessment - vulnerability assessment, penetration testing and threat modeling for SAP environments.

Attack on SAP S/4HANA

Common and advanced vulnerabilities in SAP ECC, S/4HANA, Business Suite and NetWeaver AS ABAP.

Vulnerability exploitation

Deep dive into SAP-specific exploitation - including RFC callback attacks and debug-mode exploitation.

Enqueue / Message Server issues

Security issues in the SAP Enqueue Server and Message Server, including "phantom attacker" techniques that bypass SAP ABAP lock functionality.

Day 2 Attack Java & Cloud

Attack on SAP NW Java

Critical vulnerabilities in the SAP NetWeaver Java stack - authentication bypasses, directory traversals and Java deserialization attacks.

P4 exploitation

Techniques for exploiting SAP's proprietary P4 remote method invocation technology.

SAP Cloud Connector

Security issues in SAP Cloud Connector - the bridge that connects cloud applications with on-premise systems.

Forensic tricks

Essential SAP forensics - five core techniques to identify compromises and threats.

Instructor

Vahagn Vardanian - SAP security expert and trainer
Lead instructor

Vahagn Vardanian

A recognized expert in SAP security with over a decade of experience and a track record of identifying more than 150 vulnerabilities. Vahagn equips you with the practical expertise needed to protect your SAP landscape against sophisticated cyber threats.

10+ yrsin SAP security
150+vulnerabilities discovered

Put your skills to work

Pair the training with hands-on SAP security services from the same team.

SAP security training FAQ

What is the RedRays SAP security training?

It is an independent, instructor-led SAP security course that teaches you to secure SAP systems through the eyes of an attacker - covering threat analysis, vulnerability assessment and attack mitigation across SAP ABAP, NetWeaver, AS Java, Cloud, Fiori and S/4HANA, with hands-on labs.

Who should attend the SAP security training?

Both seasoned professionals and beginners - SAP security, Basis and ABAP specialists, penetration testers, and security teams who need practical skills to protect critical SAP ERP systems.

Is the training online or on-site?

Both. The training is delivered online or on-site at your choice, as a two- to three-day program with a six-hour session each day followed by an interactive Q&A.

Do I need prior SAP security experience?

No. The course starts with the fundamentals of the SAP environment and progresses to advanced exploitation, so it works for beginners while still challenging experienced professionals.

What topics does the agenda cover?

Day 1 covers VA/PT/TM methodologies, attacks on S/4HANA and ABAP, vulnerability exploitation, and Enqueue/Message Server issues. Day 2 covers SAP NW Java attacks, P4 exploitation, SAP Cloud Connector, and SAP forensic techniques.

Request the SAP security training

Tell us about your team - we'll tailor the format (online or on-site) and schedule.