Course List

Figuring out what an eLearning course covers should not be a daunting task. With our NO MONKEY Security Matrix, which combines the NIST Cybersecurity Framework and our own SAP security focus model (IPAC), you get a comprehensive idea on what each module will cover. Our courses are designed to be high involvement to keep learning interactive and interesting while improving knowledge retention with a mix of videos, mini-quizzes, and games to keep learning interesting.

Available Courses

Fundamentals of SAP Remote Services

Learn how to explicitly identify which servers are connected to your SAP system.
Matrix Category: Identity; Integration

In this module you will:

• discover what remote services are taking information from your system
• determine the risk of the exposure from a specific service
• know which SAP specific protocols provide access to business logic

• Module Summary

  Learn how to discover SAP remote services using free available tools, like NMAP, and know where to look up the meaning of a service. Determine the risk of exposure for a specific service by being able to check the security features and the accepted protocols using Whireshark. You will get an overview which SAP-specific protocols provide access to the business logic and what possibilities there are to route and filter traffic of some of these protocols.
  

Course Roadmap

We plan to continually expand our offering with current SAP security topics, mixing both general knowledge and product-specific information. To make it easier to see what each course entails, we have created icons that correspond to each topic within the NO MONKEY Security Matrix. Please note, that is a tentative roadmap showcasing what courses could be developed next. Other courses maybe created that are not listed here should the need or priorities change.

Product Icons

• General Information
• HANA
• S/4HANA

NO MONKEY Security Matrix Icon Guide

• Fundamentals for SAP Threat Modeling

  General SAP Knowledge
  Get a basis for identifying, listing, and mitigating potential threats that can arise from different integrations between different SAP systems as well as third-party solutions
  

• Fundamentals of On-Premise Network Security Designs

  General SAP Knowledge
  Learn to develop and implement appropriate safeguards of integrated systems to ensure the delivery of critical services.
  

• Security Overview of Hybrid Integration Scenarios for SAP

  General SAP Knowledge
  Develop an overall understanding of the different ways to secure hybrid integrations.
  

• Fundamentals of Network Intrusion Detection for SAP

  General SAP Knowledge
  Build a base knowledge of detecting unauthorized activity within your SAP network.
  

• Fundamentals of SAP Process Interation Model

  S/4HANA
  Get an understanding of the SAP Process Interaction Model and learn about the vulnerabilities, hardening, and configuration of the SAP Software.
  

• Fundamentals of SAP-specific Operating System Hardening

  S/4HANA
  Develop an organizational understanding about necessary hardening activities on an operating system level to improve the security of the software application platform.
  

• Fundamentals of Security Incident Network Containment

  General SAP Knowledge
  Become aware of the different steps that should be taken in case one of the sytems has been compromised.
  

• Principals of RFC Gateway & Message Server Hardening

  S/4HANA
  Understand what goes into hardening RFC gateways and message servers, as well as the different vulnerabilities they have.
  

• Best Practices of RFC Security Monitoring

  S/4HANA
  Dive deeper into the best practices to protecting RFC gateways and how to apply them.