Skip to main content
chevron_left
SAST Events & Webinars Header

There are plenty of opportunities to engage with us:

at our events, congresses and webinars.

chevron_right

Trade fairs, Congresses and Events

Meet our Security & Compliance experts in person and learn everything you need to know about protecting your SAP systems first-hand.

Every year we organize a series of events of our own or attend congresses to answer your questions. We look forward to seeing you!

SAST WEBINARS 2019


Our webinars offer you a live forum in which you can get the answers to your specific questions about the latest topics in SAP Security & Compliance without having to invest a lot of time.

Take advantage of our recommendations and find what you need to meet your particular requirements!

Reserve your place now


Not just scanning: A step-by-step approach to highly secure ABAP code. (March 19, 2019, 10 a.m. / 4 p.m.)

Whether due to customization or obsolete code, most SAP systems harbor an untold number of vulnerabilities that practically invite attempts at hacking and other manipulations.

The code security scanners available often provide long lists of findings, but fail to include enough information on how to address them. In addition, many companies lack the knowledge and experience necessary to recognize secure ABAP programming, identify findings that are relevant (or critical), and eliminate the corresponding weaknesses. This is where our team can assist you based on its years of experience and expertise in countless security projects.

With the help of SAST SUITE's Code Security Advisor (CSA), you can not only check your ABAP code, but proceed straight to correcting its flaws, as well. It's ideal protection against the exploitation of potential back doors. We'll show you which findings are truly critical, offer case-specific recommendations, and make it easier for you to set priorities in fixing your code.

This will put you on sound footing - including with regard to the migration you might be planning to S/4HANA.

Topics of focus:

  • Reducing the time and effort your projects require by up to 75%
  • Code scanning and optimization in a single package (which also includes partially automated solutions)
  • Making code analysis an integral part of your SAP security concept
  • Raising awareness of future custom developments within your developer team
  • How our experience can help you devise an ideal approach to code correction projects
  • Special feature: insights into a code correction project conducted by an international technology company

>> Register for this webinar in German (10:00 a.m.)

>> Register for this webinar in English (4:00 p.m.)

Fiori and S/4 authorizations: What are the biggest challenges, and where do the risks lie? (April 9, 2019, 10 a.m. / 4 p.m.)

Many SAP customers are currently planning to implement SAP S/4HANA or are already making the transition. Besides the extensive new architectural aspects involved, implementing S/4HANA and Fiori also changes quite a few longstanding rules in the area of SAP authorizations.

A number of transactions - some of which veteran SAP ERP users have come to hold dear - have either been integrated into other transactions, replaced by Fiori apps, or simply eliminated. Meanwhile, the consistent use of OData services in the context of Fiori has resulted in a variety of ramifications with regard to security design in both the front and back end.

Topics of focus:

  • S/4HANA and Fiori: Which areas of the SAP security architecture are affected?
  • In light of the ramifications for authorization concepts, should you revise yours or redesign it completely?
  • Potential pitfalls during implementation
  • Implications for your SoD rules
  • How the SAST team's experience makes S/4HANA security design fast, efficient, and cost-effective
  • Special feature: insights into ideal scenarios

>> Register for this webinar in German (10:00 a.m.)

>> Register for this webinar in English (4:00 p.m.)

Authorizations under the microscope: How to integrate your SoD analysis into the SAP cloud apps. (May 14, 2019, 10 a.m. / 4 p.m.)

Comprehensive authorization management and the SoD analysis that comes with it are essential measures in safeguarding SAP systems, especially in the context of compliance. However, problems can arise when connecting external solutions to an SAP landscape. SAP Ariba, for example, comes with its own role and authorization concept - one that often doesn't match the SAP standard. This makes truly comprehensive SoD analysis simply impossible.

The solution? Cross-system authorization management that monitors roles and authorizations while factoring in all the relationships among them. The authorization management module of SAST SUITE makes it possible to customize SoD functions in a way that incorporates roles and permissions into SoD analysis, even when non-SAP systems like Ariba are involved.

In this webinar, you'll learn how to take control of extensive SoD and business process analyses while identifying authorization conflicts across multiple systems.

Topics of focus:

  • Customizing SoD analyses for SAP and non-SAP systems
  • Cross-system analysis of assigned roles and permissions
  • Business process analysis, including conflict definition
  • Special feature: insights into a cross-system authorization project conducted by a global pharmaceutical company

>> Register for this webinar in German (10:00 a.m.)

>> Register for this webinar in English (4:00 p.m.)

Security for the SAP cloud and S/4HANA: How to take initiative. (June 25, 2019, 10 a.m. / 4 p.m.)

Companies are increasingly choosing cloud technologies - now also for SAP. However, this progress is not without risk, as protection of most SAP systems is inadequate. Mitigation in the cloud opens new vulnerabilities and stricter conditions for SAP security and compliance, especially with regard to authorizations and SoD analyses. The solution? Risk management for the cloud.

In our webinar, we will show you how you can optimize security in your SAP landscape in the cloud and how to organize your authorizations - even after migration to S/4HANA - in a way that is both role-based and compliant. What preparations are needed before migration? Which migration strategy is right for you? Which steps must come first?

Plan to mitigate risks on the SAP Cloud Platform at all relevant checkpoints and take advantage of our expertise: Our experts will present their experiences from pilot projects, respond to all your questions and optimally prepare you for the digital future.

Topics of focus:

  • Secure your SAP landscapes - in the cloud, too
  • Develop the right cloud - and S/4HANA - strategy and master the first steps
  • Easily, simply transport existing SoD matrices
  • Benefit from our pilot project experiences

>> Register for this webinar in German (10:00 a.m.)

>> Register for this webinar in English (4:00 p.m.)

SAST DAYS 2019

As part of our "SAST DAYS" series, we regularly inform you about current developments, upcoming trends and offer a forum for lively discussions and an active exchange.

FEEDBACK FROM OUR GUESTS:

  • "Very successful event. I'll be glad to come back."
  • "Always interesting lectures from which you can take a lot."
  • "I really liked the many practical demonstrations."
  • "Thank you for the exciting discussions with your experts."

SAVE THE DATE: Please register now as a participant, as the places are limited as usual.

  • February 26, 2019: Hannover
  • February 28, 2019: Hamburg
  • March 12, 2019: Leverkusen
  • March 14, 2019: Munich - fully booked
Please note: the event language is German.

SAST WEBINARS ON DEMAND


Were you unable to attend a live webinar? Or did a colleague just recommend a topic to you from our SAST SOLUTIONS portfolio?

Our webinar archive allows you to individually schedule when you want to take advantage of the recommendations of our SAP security and compliance experts.

>> Request the link to our webinar recordings now

SAP HANA and S/4HANA: "Securing your first steps into the future of SAP."

Following the arrival of SAP's new S/4HANA business suite, intuitive SAP Fiori user interfaces, and the SAP HANA in-memory platform for big data analysis, there's nothing left standing between you and the next generation of business software. Or is there...?

For virtually every company, making the move to SAP HANA involves a platform transition with many important security aspects to consider. New installations of HANA aren't inherently secure, after all; in fact, some releases contain open vulnerabilities that need to be identified and addressed.

The transition to S/4HANA, meanwhile, requires you (at minimum) to migrate or redesign your authorizations. This is because its new processes have made some transactions obsolete while adding new variants. In SAST SUITE, we offer a holistic solution that's designed to support your approach to risk analysis and role creation. It also includes an audit-compliant role template and a framework of S/4HANA rules that can aid you in addressing risks and SoD conflicts.

Topics of focus:

  • Security flaws to watch out for in new HANA installations
  • The solution approach that's right for you in migrating your previous ERP roles
  • How our auditing approach highlights risks and provides an ideal basis for the necessary hardening
  • How SAST SUITE can support your projects
  • What you can learn from our experience and best-practice examples

>> Request link to webinar recording.

SAP Hosting: "Hacking 40 SAP systems at once - why your hosting provider isn't as secure as you might think."

Picture a building with no windows, cameras on every corner, and a barbed wire fence one meter high. Trying to break into a hosting company's data center doesn't seem like a good idea, does it? Meanwhile, firewalls, intrusion detection systems, and other measures are also in place to thwart virtual intrusions. Hosted SAP systems are another matter, however. In our experience, responsibilities related to SAP system security are often not clearly defined between hosts and their customers, which leaves a number of doors wide open for attackers.

Topics of focus:

  • How frighteningly easy it can be to penetrate SAP systems.
  • Why responsibilities are often undefined in the case of SAP systems in particular.
  • What you need to keep in mind to safeguard your hosted SAP systems.

>> Request link to webinar recording.

Platform Security: “Are you really that attached to your ABAP security flaws, or can they go?"

Attacks on companies have increased exponentially in recent years. Not uncommonly, these were made possible by software vulnerabilities. SAP systems are particularly critical for many core business processes and should receive corresponding protections.

However, you'll only achieve a basic level of security that can weather stress tests and remain consistent if you take a truly head-to-toe approach to security. And that includes your ABAP code. In our experience to date, many companies balk at audits of their custom developments or 3rd-party add-ons, or are unsatisfied with the nearly unmanageable number of findings. How can this mass of supposedly critical security flaws be evaluated reliably? Where do you even start to clean up?

The newest module in our SAST SUITE, the Code Security Advisor, offers a solution. It is directly integrated into your SAP system and has a risk assessment enriched by key figures such as usage statistics for prioritization, an option to easily decommission obsolete code and a comprehensive set of rules with test cases developed by our SAP security and compliance consultants based on their years of experience.

Topics of focus:

  • When you clean up your code to prevent data leaks, manipulation, backdoors, you also protect your company's reputation.
  • Use SAST Code Security Advisor to achieve top security. Don't limit yourself to your mass findings.
  • Advantages for you: risk assessment prioritizing clean-up tasks, identification of complex vulnerabilities, decommission obsolete code and still have a choice between the SAST license model and managed service.

>> Request link to webinar recording.

Platform Security: "Insecure SAP system interfaces: an underestimated risk."

How confident are you that your SAP systems are sufficiently protected against cyberattacks? In our experience, it's far too often the case that companies fail to pay the requisite attention to analyzing and securing their SAP system interfaces. These include RFC connections, SAP Gateway, and extended ST01 traces, along with considerations of their relevance, criticality, and potential defects.

As you take the steps necessary to secure your landscape, the suite module SAST Interface Management can provide you with optimal support. It's capable of evaluating multiple systems, creating a comprehensive interface overview in graphical or tabular format, and categorizing the flaws it finds.

Topics of focus:

  • How to use the module to find out what's really going on with your RFC connections
  • How to identify RFCs that are improperly configured or not in use in your systems
  • How to secure your SAP Gateway using SAST SUITE
  • Practical tips you can use to protect your landscape in the most effective ways

>> Request link to webinar recording.

UAM: "Using SAST Safe Go-Live Management to prevent disruptions in authorization design."

Whether it's after an audit or during an S/4HANA project, companies' requirements regarding quality, the time involved, and of course, their project budget often differ greatly when it comes to planning authorization redesigns.

No matter what your own priorities are in authorization projects, AKQUINET offers solutions designed to meet every requirement to the letter. And the best part? Thanks to SAST Safe Go-Live Management methodology, your project won't cause any disruptions in your everyday business.

Topics of focus:

  • How to find the solution that matches your exact requirements
  • How to carry out your project up to 70% faster
  • What you can learn from our experience and best-practice examples

>> Request link to webinar recording.

UAM: "The new fat burner for your roles: SAST Self-Adjusting Authorizations."

It's a well-known fact at every company that has SAP systems: User authorizations are continually being optimized. But what doesn't happen nearly often enough is the removal of transactions no longer in use in the roles. This is a completely avoidable cause of risks related to separation of duties, an unnecessary drain on admin resources and, of course, an untapped source of potential savings for SAP licenses.

Our latest SAST SUITE module has a slimming effect on your roles. After applying our self-adjusting authorizations, based on concrete usage analyses, each role will contain only those transactions that are truly necessary for performing a business process. Unused transactions are safely stripped away. This allows you to achieve optimally lean roles without limiting your day-to-day business in any way. And, almost without trying, you'll also be in the best position possible for your next SAP license audit.

Topics of focus:

  • Benefits of a lean authorization concept
  • Achieve greater security with less work
  • Case studies for "self-adjusting" authorizations
  • Positive knock-on effects for your next SAP license audit

>> Request link to webinar recording.

Security Intelligence: “SAST Threat Detection: What you stand to gain from intelligent, SAP real-time monitoring."

Your efforts to protect your SAP systems won't be complete until you have reliable way to keep a constant eye on your transactions and applications. When you detect critical incidents right when they occur, you'll be able take immediate action in response. When you're under attack, your reaction time has a significant impact on the level of damage you can expect. It's not hard to see how a real-time solution like AKQUINET's SAST Security Radar pays for itself in short order.

Detecting attacks based on log files and analyzing network traffic requires in-depth knowledge of the potential paths and patterns such incursions can follow. This is because events relevant to security have to be filtered out of a sea of data and placed in the proper context.

Topics of focus:

  • Why authorization concepts alone are not enough.
  • Step-by-step to comprehensive, real-time protection with SAST.
  • How to achieve a reliable security management process.
  • Opportunities for integration into a cross-SIEM solution.

>> Request link to webinar recording.

Managed Services: "The choice is yours: a make or buy approach to SAP security and compliance?"

Checking for vulnerabilities, flawed configurations, and critical authorizations on a regular basis is the only way to ensure SAP system security. However, efforts like these are technically complex, which is why they require so much time and personnel. Decision-makers thus face a fundamental question: Should they "make" or “"buy" their way to SAP security and compliance?

Our managed services offer a holistic solution that can assist you in both on-site and remote environments.

Topics of focus:

  • How you'll benefit from a managed service solution.
  • How to achieve greater security while keeping an eye on your budget and other resources.
  • Why the ability to respond to critical incidents in a matter of minutes is crucial.
  • How to drive an effort to secure systems and fine-tune authorization management in just days.
  • How to ensure holistic system security now and in the future.

>> Request link to webinar recording.

naviPix
SAST BLOG
SAST BLOG
naviPix
SAST Brochure
SAST BROCHURE
naviPix
GET IN TOUCH
GET IN TOUCH