Course Outline
- Introduction
- Explaining Application Security and Vulnerabilities
- Secure Programming
- Describing ABAP Best Practices and Handling of SY-SUBRC
- Understanding Injection Vulnerabilities (SQL Injection, Code Injection, Call Injection, Operating System Command Injection, Directory Traversal, web-based threats, Cross-Site Scripting, Cross-Site Request Forgery, inaccurate programming)
- Security Testing Tools
- Describing Security Testing Tools
- Explaining ATC and CVA
- Troubleshooting
- Summary and Conclusion
Requirements
- knowledge of ABAP programming
- Basic knowledge of security concepts
Audience
- Developers
- Technology Consultant
The aim of this course is to teach developers the importance and practice skills to develop ABAP secure code. Delegates will learn about the various types of vulnerabilities and be able to effectively implement appropriate countermeasures to protect applications against outside threats.
Delegates will gain knowledge of the ABAP Testing Cockpit (ATC) and the SAP NetWeaver Application service add-on for code vulnerability analysis (CVA) to ensure security and compliancy of your custom developed code.
Testimonials (9)
Overview of Risk topics and preparing for exam
Leszek - EY GLOBAL SERVICES (POLAND) SP Z O O
Course - CRISC - Certified in Risk and Information Systems Control
Lap Qradar
Sutthikan Noisombat - NTT
Course - IBM Qradar SIEM: Beginner to Advanced
Accessing tools and being able to ask questions to someone friendly who I felt wouldn't judge me
Kiara
Course - Open Source Cyber Intelligence - Introduction
The simple explanation of the trainer
Mohammed salem - Palestinian Police
Course - Open Source Intelligence (OSINT) Advanced
A wide range of knowledge of the lecturer.
Marcin Szklarski - Santander Consumer Bank
Course - CCSK Plus (Certificate of Cloud Security Knowledge - Plus)
the balance between lectures and practice, the rhythm, the trainer knowledge and pedagogic skill
Armando Pinto - EID
Course - C/C++ Secure Coding
Very good knowledge and character.
Constantinos Michael
Course - Java and Web Application Security
Pushing changes on an ongoing basis, when on the 3rd day I started to get more lost than before and it was harder to spot the error quickly, I was quickly able to check out the latest changes and stay up to date with the material
Paulina
Course - Advanced Java Security
Machine Translated
Very good to understand how a hacker would potentially analyse sites for weakness and tools they might employ .