Course Outline
- Introduction
- Explaining Application Security and Vulnerabilities
- Secure Programming
- Describing ABAP Best Practices and Handling of SY-SUBRC
- Understanding Injection Vulnerabilities (SQL Injection, Code Injection, Call Injection, Operating System Command Injection, Directory Traversal, web-based threats, Cross-Site Scripting, Cross-Site Request Forgery, inaccurate programming)
- Security Testing Tools
- Describing Security Testing Tools
- Explaining ATC and CVA
- Troubleshooting
- Summary and Conclusion
Requirements
- knowledge of ABAP programming
- Basic knowledge of security concepts
Audience
- Developers
- Technology Consultant
The aim of this course is to teach developers the importance and practice skills to develop ABAP secure code. Delegates will learn about the various types of vulnerabilities and be able to effectively implement appropriate countermeasures to protect applications against outside threats.
Delegates will gain knowledge of the ABAP Testing Cockpit (ATC) and the SAP NetWeaver Application service add-on for code vulnerability analysis (CVA) to ensure security and compliancy of your custom developed code.
Testimonials (10)
Overview of Risk topics and preparing for exam
Leszek - EY GLOBAL SERVICES (POLAND) SP Z O O
Course - CRISC - Certified in Risk and Information Systems Control
Lap Qradar
Sutthikan Noisombat - NTT
Course - IBM Qradar SIEM: Beginner to Advanced
The simple explanation of the trainer
Mohammed salem - Palestinian Police
Course - Open Source Intelligence (OSINT) Advanced
Accessing tools and being able to ask questions to someone friendly who I felt wouldn't judge me
Kiara
Course - Open Source Cyber Intelligence - Introduction
A wide range of knowledge of the lecturer.
Marcin Szklarski - Santander Consumer Bank
Course - CCSK Plus (Certificate of Cloud Security Knowledge - Plus)
Lot's of information explained very well. Good examples, interesting exercises. Trainer showed us his real world experience.
Gergely Bathó - GE Medical Systems Polska Sp. Z O.O.
Course - Application Security for Developers
The Burpe suite i need more training in this
Gontse Ntshegi - Vodacom
Course - Android Security
Azure web security, it was more what i was expecting, the penetration testing i would never do in my job
Toby
Course - Application Security in the Cloud
the balance between lectures and practice, the rhythm, the trainer knowledge and pedagogic skill
Armando Pinto - EID
Course - C/C++ Secure Coding
Pushing changes on an ongoing basis, when on the 3rd day I started to get more lost than before and it was harder to spot the error quickly, I was quickly able to check out the latest changes and stay up to date with the material
Paulina
Course - Advanced Java Security
Machine Translated