Welcome to the Fundamentals of Attacking and Defending SAP Systems Presented by Vicxer Inc.

A great course for security professionals who want to increase their SAP security skills, this live online training provides the most up-to-date information on SAP specific attacks and walks you through the best way to implement protection activities. In two four-hour sessions, you will learn how to perform vulnerability assessments, audits, and penetration tests on your own unique SAP platform. Structured to be hands-on, security topics are broken down into bite sized concepts with interactive exercises, and demonstrations that make learning directly applicable and easier to recall later. After course completion you will be well equipped with the knowledge you need to understand the critical risks your SAP platform may be facing now, pro-actively assess them, and more importantly, confidently apply best-practices to effectively mitigate them.

A Taste of What You Will Learn:

  • You will learn about the basis components, security concepts, and architecture for SAP systems and why safeguarding them requires special consideration.
  • Reasons why common security approaches fall short or do not work when it comes to securing applications.
  • You will learn to identify common vulnerabilities caused by insufficient hardening of a vanilla SAP installation and how they can be used to compromise a system completely.
  • You will learn the security traits of different SAP proprietary remote protocols and how attacker can leverage them for lateral movement and exploitation.
  • You will learn how to identify and proof the exploit-ability of vulnerabilities without causing business disruption to implement a safe approach to assess the security state of your SAP environment.
  • You will gain knowledge on different tools and options that effectively help defend SAP system against the most common attacks. As well as adversarial techniques for putting SAP-specific and agnostic protective measures in place.

Course Information

  • Number of Modules: 16
  • Duration: 4 half days, 16 hours total (13:00 - 17:00 CET)
  • Class Size: 7-14 participants per class
  • Investment: 1,600 EUR per person taxes excluded
  • Software Version: Unrestricted
  • Instructor: Jordan Santasieri
  • Security Skill Matrix: IYPT-IPA learn more here

Modules Covered in Online Class

  1. Introduction into SAP, SAP solution architecture and networking capabilities
  2. Overview on operating systems and SAP systems database technology
  3. Introduction into SAP S/4HANA© from a security perspective
  4. Overview of SAP user account security traits
  5. Attacks scenarios for password-based authentication
  6. Overview of different SAP software components and service and protocols from a security point of view
  7. Introduction into the SAP system web application security
  8. Overview of SAP technology audit trails and security event sources

*NO MONKEY SAP Security training content is referenced to existing standards for application security such as OWASP, NIST, and SAP recommendations.

Who’s a Good Fit

SAP Operations

  • SAP Basis Administrator
  • SAP Security Consultant

IT Security

  • Penetration Tester or Red Teamer
  • Application Security Expert
  • Blue Teamer
  • IT Security Auditor

NIST/NICE Cybersecurity Workforce Framework Work Roles

(SAP) Secure Software Assessor (SP-DEV-002)
SAP Security Architect (SP-ARC-002)
SAP Security Control Assessor (SP-RSK-002)
SAP System Administrator (OM-ADM-001)
SAP Cyber Defense Analyst (PR-CDA-001)

Who Else Might Be A Good Fit

If you have a traditional background in SAP operations and database administration and want to get into cybersecurity this course is a great fit to help you expand your existing skills with a security point of view.



  • General knowledge about Linux and Unix operations


  • Familiarity of working with command line applications and Unix shells


  • Fundamental knowledge about SAP core technologies such as NetWeaver and HANA
  • Fundamental knowledge about proprietary SAP protocols such as RFC

Practice Environment Tools

For this course you will use a lab environment hosted by us to practice. The lab provides access to an SAP S/4HANA© landscape consisting of two stages and a SAP NetWeaver© Java application server. You can access to environment by a virtual desktop system with all necessary tools preinstalled.

In addition you will need:

  • HTML 5 ready Browser preferably Edge, Chrome, Firefox
  • (Optional) Zoom client

About: Jordan Santarsieri

Jordan Santarsieri is a founding partner of Vicxer Inc. who has devoted the last 14 years researching and diving deep into the into the ERP (SAP / Oracle) world to help teach organization how to understand and improve cybers security. He specializes in helping organizations, especially global Fortune-500 companies and defense contractors, stay one step ahead of cyber-threats by identifying, analyzing and mitigating vulnerabilities affecting their ERP systems and business-critical applications.

Jordan has discovered critical vulnerabilities in Oracle and SAP software and uses this knowledge to help organization better protect themselves. He is a frequent speaker at international security conferences such as Black-Hat, Insomnihack, Code Blue, YSTS, Auscert, Sec-T, Rootcon, NanoSec, Hacker Halted, OWASP US, 8dot8, DragonJAR and Ekoparty.

Reach out to us to book a training for you or your team!

Send us a message

Read Our Customer Success Story

"Let me first say that I had some previous contact with other SAP-related trainings, but this one was by far the best. One can clearly see that you are a knowledgeable trainer with a wide array of expertise, willing to sidetrack interesting topics as they arrive."

Alexander MeierTeam Lead SAP Security Services at SEC Consult

Read the Customer Success Story

Security is Culture!