Welcome to Fundamentals of Developing Secure Cloud Foundry Apps on the SAP BTP

Offered exclusively by NO MONKEY this online classroom training brings together the SAP operations and IT Security lines of defense and teaches them how to put preventive controls in place to detect and manage JavaScript code security flaws in the SAP BTP Cloud Foundry framework. In 4 hours you will gain important skills to reduce enterprise risk, identify security blind spots and break-up silo culture. Training modules are delivered live by the world’s leading SAP Security experts, referenced to existing standards for application security and based on secure coding best practices.

A Taste of What You Will Learn:

  • Understand why traditional application security approaches don’t work in the SAP BTP environment and what approaches and practices work best to secure Cloud Foundry Apps on SAP BTP.
  • Take a journey through the security capabilities and limitations of Cloud Foundry and Node.JS.
  • Learn the common security vulnerabilities and application threats that result from misconfiguration and coding errors. Discover how to identify and prevent them earlier on during development and resolve them faster when they occur.
  • Identify the main threats and drivers of security issues within PaaS environment and which free tools are available to help you conquer them.
  • Gain practical experience to address security flaws within SAP BTP applications throughout the software development life cycle (SDLC) efficiently by learning which controls to implement that prevent the release of vulnerabilities.
  • Find out who to notify within your organization about missing or insufficient security requirements and design flaws and how to resolve them.
  • Learn the most critical vulnerabilities to look out for during the review and testing phases and how to quickly address the issues you find.

Course Information

  • Number of Modules: 4
  • Duration: 1 half-day, 4 hours (9:00 – 13:00 CET)
  • Class Size: 7-14 participants per class
  • Investment: 400 EUR per person taxes excluded
  • Software Version: Unrestricted
  • Instructor: Marco Hammel Co-Founder of NO MONKEY
  • Security Skill Matrix: IYPT-C learn more here

Modules Covered in Online Class

  1. Fundamental Threats to PaaS Cloud Applications
  2. Overview of Protective Capabilities in Cloud Foundry on SAP Business Technology Platform
  3. Fundamental Node.JS Code Security Flaws for Cloud Foundry Applications
  4. Fundamental Code Security Aspects for Node.JS Applications on Cloud Foundry

*NO MONKEY SAP Security training content is referenced to existing standards for application security such as OWASP, NIST, and SAP recommendations.

Who’s a Good Fit

SAP Operations

  • SAP Business Technology Platform Developer
  • Development Consultant

IT Security

  • Code Security Consultant
  • Application Security Expert

NIST/NICE Cybersecurity Workforce Framework Work Roles

  • SAP Software Developer (for SAP BTP) (SP-DEV-001)
  • (SAP) Secure Software Assessor (SP-DEV-002)
  • SAP Security Architect (SP-ARC-002)

Who Else Might Be A Good Fit

If you have a traditional ABAP© development background and are just beginning with Javascript this course is a great fit to help you understand JavaScript and CDS Views from a security point of view and enhance your capability to develop secure apps



  • General knowledge on application software programming


  • Basic knowledge on the SAP Business Technology Platform


  • Common knowledge on the opinionated concept of Cloud Foundry
  • Basic understanding of the SAP Cloud Application Programming Model

Practice Environment Tools

For BTP courses you will use the SAP BTP trial environment to practice. The account is free of charge and provided by SAP. If you do not have an account already, you will need to create one here.

In addition you will need:

You can download the sample code and tools from the links below.

Github Sample and exercise code
The Cloud Foundry CLI utilities

Reach out to us to book a training for you or your team!

Send us a message

Read Our Customer Success Story

"Let me first say that I had some previous contact with other SAP-related trainings, but this one was by far the best. One can clearly see that you are a knowledgeable trainer with a wide array of expertise, willing to sidetrack interesting topics as they arrive."

Alexander MeierTeam Lead SAP Security Services at SEC Consult

Read the Customer Success Story

Security is Culture!