Security at SAP TechEd 2018

How SAP Keeps SAP Cloud Platform Secure (Lecture, 1hr.)

In the new cloud world, everything is connected. Traditional, isolated data and infrastructure concepts no longer apply. This talk will give examples how SAP implements cloud security to address the needs of customers from various industries and to address current cyberthreats. We will show security architectures and monitoring solutions, focusing on infrastructure as a service providers, container applications, and secure “DevOps”.
Las Vegas | Bangalore | Barcelona

Achieving Security by Design and Default with SAP Products (Lecture, 1hr.)

In this demo-rich lecture, we will show how you can secure your system landscape using SAP security offerings. Products covered include the SAP Enterprise Threat Detection and SAP Single Sign-On applications, the SAP Identity Management component, SAP Cloud Platform Identity Provisioning, SAP Cloud Platform Identity Authentication, and code vulnerability analyser tools. We will also provide a brief introduction to operational security measures that should be applied in SAP system landscapes.
Las Vegas | Bangalore | Barcelona

SAP Cloud Platform Security: Best Practices (Lecture, 1hr.)

Identity and access management, data security, and compliance are top priorities for cloud-based applications. Join this demo-rich session for an overview of the security services available for SAP Cloud Platform within Neo and Cloud Foundry environments, and learn security best practices for developers and administrators.
Las Vegas | Bangalore | Barcelona

Security Monitoring at SAP: A Customer Experience Story (Lecture, 1hr.)

Explore how SAP conducts its own security monitoring. Find out how the internal SAP security team uses the SAP Enterprise Threat Detection application for security information and event management. We will also look at future plans for SAP’s use of the solution.
Las Vegas | Bangalore | Barcelona

Safeguarding Data and Access in SAP HANA (Lecture, 1hr.)

Explore our security approach for the SAP HANA business data platform and see how advanced security capabilities help you keep control of critical business data. Learn how features such as real-time data anonymization and dynamic data masking help address data protection and privacy requirements in line with legislation such as the General Data Protection Regulation. Get an overview of security features, including authentication, user and role management, encryption, auditing, and tooling.
Las Vegas | Bangalore | Barcelona

Data Protection in SAP S/4HANA, SAP Business Suite, and SAP Cloud Platform (Lecture, 1hr.)

Learn about authorizations and change logging features, and their importance for compliance with data protection and privacy (DPP) legislation such as the General Data Protection Regulation. Experience new security features dedicated to the support of DPP, including the blocking and deletion of personal data and read-access logging. Find out about required technical considerations to achieve compliance with DPP regulations in SAP S/4HANA, SAP Business Suite applications, and SAP Cloud Platform.
Las Vegas | Bangalore | Barcelona

GDPR Blocking and Deletion with SAP ILM and Data Retention Manager (Lecture, 1hr.)

Discover how the simplified blocking and deletion capabilities offered by the SAP Information Lifecycle Management (SAP ILM) component supports corporate compliance efforts for legislation such as the General Data Protection Regulation (GDPR). Learn how to block and unblock person-related data, and how to archive and destroy retention-relevant data in accordance with country-specific retention periods. This session also includes an overview of our Data Retention Manager service.
Las Vegas | Bangalore | Barcelona

Identity and Access Management Services Offered by SAP Cloud Platform (Lecture, 1hr.)

Cloud services provide instant value and agility! Can your identity and access management (IAM) processes keep up with that promise? In this session, you will learn all you need to know about how to provide your end users with straightforward and secure access to the cloud. You will find out how IAM services simplify the integration of SAP cloud applications and increase productivity and compliance for cloud-based business applications.
Las Vegas | Bangalore | Barcelona

Implementing GDPR Projects in an Existing SAP System Landscape (Lecture, 1hr.)

To comply with the General Data Protection Regulation (GDPR), established users of SAP S/4HANA and SAP Business Suite software should take an inductive approach. Start with the system landscape and the real data within, identifying personal data and linking it to the purpose of the data processing. A deductive approach is needed for new software deployments. Understand how analyzing the purpose of the data processing will help you evaluate the personal data and the relevant safeguards required.
Las Vegas | Bangalore | Barcelona

Identity and Access Management in Hybrid System Environments (Hands-On Workshop 2-hr)

When customers extend their managed landscapes from on-premise to cloud-based deployments, they do not want to compromise on the compliance or productivity benefits offered by existing identity and access management solutions. In this hands-on session, you will learn how to configure the SAP Identity Management component and SAP Cloud Platform Identity Provisioning to enable hybrid identity lifecycle management, across on-premise and cloud-based solutions.
Las Vegas | Bangalore | Barcelona

How to Fix the Most Common Developer Mistakes and Write Secure Code (Hands-On Workshop 2-hr)

Without proper training most developers will create built-in vulnerabilities in your custom development projects. In this session, we will demonstrate and correct the most common developer mistakes regarding security vulnerability, using a code vulnerability analyzer tool and software from Fortify Inc.
Las Vegas | Bangalore | Barcelona

Troubleshooting Security Issues in SAP Cloud Platform (Hands-On Workshop 2-hr)

The SAP Single Sign-On application has been widely adopted by SAP customers as the best-practice solution for secure authentication and single sign-on for SAP’s business applications. SAP Single Sign-On protects the on-premise parts of hybrid landscapes and remains an important piece of any security strategy. In this road map session, we will present recent enhancements and our plans for the future. It’s also an opportunity for you to discuss relevant topics with the SAP experts.
Las Vegas | Bangalore | Barcelona

The “Compatibility First” Nightmare: How to Implement Security Notes (Hands-On Workshop 2-hr)

Are you successful with implementing SAP security notes? Learn how to use dashboard builder functionality within SAP Solution Manager to report on the implementation status of SAP security notes that contain manual configuration activities in addition to software updates.
Las Vegas | Bangalore | Barcelona

End-to-End Identity and Access Management Using SAP Cloud Platform (Hands-On Workshop 2-hr)

Set up an end-to-end scenario for user provisioning and authentication in the cloud. You will configure SAP Cloud Platform Identity Provisioning to connect to cloud applications such as SAP SuccessFactors Employee Central solutions and the SAP Jam collaboration platform. To enable straightforward and secure access, you will set up the SAP Cloud Platform Identity Authentication service to enable single sign-on and configure different security levels and features with risk-based authentication.
Las Vegas | Bangalore | Barcelona

Run Your Cloud Applications Compliantly and Securely on SAP Cloud Platform (Hands-On Workshop 2-hr)

Running cloud applications according to compliance standards is a tough challenge. Learn how to use and integrate the security controls in SAP Cloud Platform for your requirements. Explore strong two-factor authentication; authorization and user management of administrators; segregation of duties with custom-platform roles; and access to audit logging. All this will help you to run and stay compliant.
Las Vegas | Bangalore | Barcelona

Authentication, SSO, and Authorization Best Practices in Hybrid Landscapes (Hands-On Workshop 2-hr)

Learn about different authentication mechanisms for the ABAP programming language and SAP Cloud Platform, and how to select and apply a single sign-on (SSO) mechanism to your landscape. You will also find out how to assign authorizations in a hybrid landscape. We will look at an example landscape that includes a back-end based on ABAP, an SAP Fiori launchpad app based on SAP Cloud Platform Portal, and a custom application on the Cloud Foundry platform.
Las Vegas | Bangalore | Barcelona

SAP Enterprise Threat Detection (Roadmap, 30 minutes)

The SAP Enterprise Threat Detection application leverages the SAP HANA business data platform and allows businesses to effectively manage exposure to external and internal threats. The application enables real-time analysis and correlation of log data from SAP and non-SAP systems, identifying attacks as they are happening, and analyzing and neutralizing threats before serious damage occurs. We explore current and planned features of deployment on premise and through SAP Cloud Platform.
Las Vegas | Bangalore | Barcelona

Code Vulnerability Analysis (Roadmap, 30 minutes)

Security is no longer considered a luxury for IT systems. Custom applications based on ABAP programming language are a target for cyber attacks. Learn how an add-on for code vulnerability analysis for the SAP NetWeaver Application Server component helps you identify and fix potential weaknesses in applications based on ABAP. We will also explore how the add-on integrates with SAP Fortify software by Micro Focus, which scans custom code using non-ABAP languages for security vulnerability.
Las Vegas | Bangalore | Barcelona

SAP Single Sign-On (Roadmap, 30 minutes)

The SAP Single Sign-On application has been widely adopted by SAP customers as the best-practice solution for secure authentication and single sign-on for SAP’s business applications. SAP Single Sign-On protects the on-premise parts of hybrid landscapes and remains an important piece of any security strategy. In this road map session, we will present recent enhancements and our plans for the future. It’s also an opportunity for you to discuss relevant topics with the SAP experts.
Las Vegas | Bangalore | Barcelona

Consumer Identity Management with SAP Customer Identity (Roadmap, 30 minutes)

Consumer identity and access management is a driver for revenue as it helps companies build a frictionless, personalized, and value-packed digital experience for consumers. A trusted relationship with consumers requires proper handling of personal data and giving the individuals control over what they are willing to share. The new SAP Customer Identity solution combines these capabilities by enabling you to collect knowledge about your customers while complying with data privacy regulations.
Las Vegas | Bangalore | Barcelona

SAP Cloud Platform Identity Provisioning Service (Roadmap, 30 minutes)

The SAP Cloud Platform Identity Provisioning service offers a comprehensive, low-cost approach to identity life cycle management in the cloud. It automates the provisioning of identities and authorizations in cloud and hybrid environments. Join this road map session to learn more about the current state of the service and the latest enhancements. In addition, you can familiarize yourself with current development plans and upcoming features.
Las Vegas | Bangalore | Barcelona

SAP Cloud Platform Identity Authentication Service (Roadmap, 30 minutes)

In this session, you will get an overview of the existing features of the SAP Cloud Platform Identity Authentication service. In addition, we will look at future planned features.
Las Vegas | Bangalore | Barcelona

Security Products from SAP (Roadmap, 30 minutes)

Hear about the plans for security-related products at SAP. Learn about cloud security services such as the SAP Cloud Platform Identity Provisioning and SAP Cloud Platform Identity Authentication services. Explore the SAP Identity Management component and SAP Access Control, SAP Single Sign-On, and SAP Enterprise Threat Detection applications, as well as the add-on for code vulnerability analysis for the SAP NetWeaver Application Server component.
Las Vegas | Bangalore | Barcelona

SAP Identity Management (Roadmap, 30 minutes)

Hear about the features and recent enhancements offered by the SAP Identity Management component. We will also discuss the outlook for future enhancements of this product.
Las Vegas | Bangalore | Barcelona

The Technical Impact of the European Union’s GDPR Legislation (Lightning Talk, 30 minutes)

In this session, we will discuss the technical minimum requirements you should consider for compliance with the General Data Protection Regulation (GDPR). This is critical for all companies with worldwide operations and does not only apply to companies based in the European Union.
Las Vegas | Bangalore | Barcelona

A Trustworthy Company: How SAP Manages Vulnerabilities and Incidents (Lightning Talk, 30 minutes)

Successful businesses use technology as a revenue enabler and must evolve software development processes to reflect the ever-changing threat landscape. Learn about proactive and reactive measures implemented by SAP to identify, neutralize, and mitigate threats. As well as exchanging thoughts on initiatives such as the Common Vulnerabilities and Exposures (CVE) system, bug-bounty programs, and open source security, we will discuss best practices and future directions in protecting your landscape.
Las Vegas | Bangalore | Barcelona

Analyze Your Code for Vulnerabilities with Vulnerability Analyzer Tools (Code JAM Mini Edition, 1-hr)

This session gives you the opportunity to review coding based on the ABAP programming language and identify security vulnerabilities. Learn how to use test cockpit and code vulnerability analyzer tools. Find out how to fix vulnerabilities in your code with the toolset for static application security testing.
Las Vegas | Bangalore | Barcelona

SAP Cloud Platform Identity Provisioning: Maintain Mapping Transformations (Code JAM Mini Edition, 1-hr)

SAP Cloud Platform Identity Provisioning enables you to exchange user account and attribute information between different systems. In most cases, the mapping between the source and the target is something that you have to adjust due to system-specific identity models. Come to this session and see for yourself how you can maintain mapping transformations so that you can exchange information effectively without having to make adjustments.
Las Vegas | Bangalore | Barcelona

Secure Your APIs against OWASP Top-Ten Threats Using SAP API Management (Code JAM Mini Edition, 1-hr)

Application programming interfaces (APIs) allow you to expose your enterprise data and processes to your ecosystem of partners, as well as third-party application developers and integrators. In this session, we explain how you can secure your APIs comprehensively using SAP API Management technology. During the session, we will address the top ten vulnerabilities as defined by the Open Web Application Security Project (OWASP).
Las Vegas | Bangalore | Barcelona