Fundamentals of Securing ABAP® Based Business Applications

As a community, we can evolve the SAP security standard together by learning and teaching others about how SAP systems work. The first step is to start at the beginning, with the Fundamentals of Securing ABAP®-based Business Applications course. Participants will be guided by a live instructor through 7 different security courses where both the attacker's and defender's perspective are provided. Each topic is broken down into easy-to-understand bite-sized concepts that utilize different styles of learning and engagement. The security methodology is presented first, then learners are able to access an SAP-explicit training environment to practice what they have learned. As a result of this training, participants will have the fundamental knowledge and skills needed to secure ABAP®-based business applications.

This extensive course will be held in two half-day sessions. You will:

  • learn about the prevailing security flaws and threats facing ABAP® code, as well as the causes and drivers of security within SAP environments;
  • be able to identify and remediate or mitigate code security flaws within ABAP®, and advise stakeholder about them promptly during the software development lifecycle, and;
  • reinforce the habit of notifying others about missing or insufficient security requirements, as well as design flaws in the review and testing phases.

Class Information

  • Two four-hour sessions, breaks included
  • 9 am - 5 pm CET
  • 7 - 14 people per class
  • Price: 700 EUR (taxes not included)
  • Access to an SAP training environment
  • Focus on applying methodology with games
  • Taught by security expert

Technical Prerequisites



  • General knowledge about application software programming


  • Basic understanding of SAP remote services and their security constraints
  • Fundamental knowledge of SAP ABAP® security design flaws


  • Common knowledge about SAP NetWeaver® based ABAP® application programming

Who’s a Good Fit

  • ABAP® Developer
  • Development Consultant
  • Code Security Consultant
  • Application Security Expert

Software Versions


Learning Courses Included in Training

  1. Fundamental aspects of code security for ABAP® applications
  2. Fundamental protection concepts for ABAP® applications
  3. Directory/Path Traversal Vulnerabilities
  4. OS Command Injection Vulnerabilities
  5. Dynamic Execution Vulnerabilities
  6. SQL Injections Vulnerabilities
  7. ABAP® Code Injection Vulnerabilities

About the Instructor

Marco HammelCo-Founder and CTO, NO MONKEY
  • More than eight years in educating, advising, and securing people, processes, and SAP technology
  • With his experience as a software developer, the topic of code and software pipeline security is his main focus
  • CISSP certified cybersecurity expert with an SAP technology background

Reach out to us to book a training for you or your team!

To make it the most flexible for your schedule, you can join the two training sessions on two consecutive days in one training event or enter the first session and the second session on different training events.

Send us a message


700 EUR (taxes not included)

To make joining the virtual classroom as convenient as possible, we accept registrations directly with Euros. Let us know how many people will be participating, and we send you a quote as quickly as possible.

Read Our Customer Success Story

"Let me first say that I had some previous contact with other SAP-related trainings, but this one was by far the best. One can clearly see that you are a knowledgeable trainer with a wide array of expertise, willing to sidetrack interesting topics as they arrive."

Alexander MeierTeam Lead SAP Security Services at SEC Consult

Read the Customer Success Story

Security is Culture!