Skip to Content
Event Information
Author's profile photo Selvaraj Kettimuthu

Security at SAP TechEd 2019

Secure (Intelligent) Enterprise! 

With each day, as we further intertwine our lives with technology, there isn’t a better time to talk security than now. Today, cyber attacks are getting sophisticated, innovative and incredibly destructive – targeting our personal data, intellectual and financial assets. Artificial Intelligence, IoT, Machine Learning, while one sees these as leaps of advancement, others see them as increase in attack surface.

At SAP, we’re constantly striving to be the best at what we do. In the world of security, this means keeping your business secure against the ever-evolving threat landscape. Whether it is about securing your cloud applications, protecting business critical data or just saying NO to hackers, you can find the extensive list of security talks at SAP TechEd 2019 in the session catalog. Be sure to set the track as “Secure by Default” to see the security relevant sessions. And remember, a secure enterprise is an intelligent enterprise.

You may also watch the Video recorded by Kristian Lehment, Product Manager for Security Products at SAP. He talks about the different offerings in the area of security at SAP TechEd 2019.

Here’s the list of 36 security sessions to be presented at SAP TechEd 2019. Be sure to check back here as more sessions will get added in on the fly. These sessions will be presented at all three TechEd locations: Las Vegas, Bangalore and Barcelona.


Table of content:

Security Lectures (1 hour)

Our one-hour lecture sessions are instructor-led and may include in-depth Microsoft PowerPoint presentations and/or online demonstrations. Review the session details for any prerequisites to ensure you are fully qualified to attend. The instructor may offer time for questions and open discussion at the end of the session.

SEC100

Manage Roles with Intelligent Algorithms for the Intelligent Enterprise (Lecture, 1hr.)

Creating the optimal role set for each business user from tens of thousands of potential roles in your on-premise and cloud landscape can prove challenging. Learn from demos in this session how to use SAP Cloud Identity Access Governance software and its intelligent algorithms to generate an optimized set of roles for a business user with minimum risk exposure. Understand how system proposals work and how you can use outcomes to reconcile your users access permissions in more intelligent ways.

Las Vegas | Bangalore | Barcelona

SEC103

Achieving Security by Design and by Default with SAP Solutions (Lecture, 1hr.)

In this demo-rich lecture, watch how to secure your system landscape using security offerings from SAP. Products include the SAP Enterprise Threat Detection and SAP Single Sign-On applications, the SAP Identity Management component, the SAP Cloud Platform Identity Provisioning and SAP Cloud Platform Identity Authentication services, and code vulnerability analyzer tools. This session provides a brief introduction to operational security measures that should be applied in SAP system landscapes.

Las Vegas | Bangalore | Barcelona

SEC104

Safeguarding Data and Access in SAP HANA (Lecture, 1hr.)

Understand the security approach for the SAP HANA business data platform as part of the Intelligent Enterprise and how its security capabilities help control critical business data. See how features such as real-time data anonymization and dynamic data masking address data protection and privacy requirements for laws such as the EU’s General Data Protection Regulation (GDPR). Get an overview of security features such as authentication, user and role management, encryption, auditing, and tooling.

Las Vegas | Bangalore | Barcelona

SEC200

How to Run Identity and Access Management for the Intelligent Enterprise (Lecture, 1hr.)

Identity and access management comprises a strategic part of the foundation of the intelligent enterprise. During this session, get to know the out-of-the-box functionality that can help you to run your SAP applications in a secure and compliant way. Find out how you can integrate that functionality with your existing solution for identity and access management.

Las Vegas | Bangalore | Barcelona

SEC201

Turning Total Workforce Management into an End-to-End Process with IAM (Lecture, 1hr.)

Total workforce management combines numerous SAP business applications into one end-to-end process. In addition, users witness a tightly integrated experience thanks to SAP’s capabilities for identity lifecycle and access management (IAM), together with process-wide single sign-on capabilities.

Las Vegas | Bangalore | Barcelona

SEC202

Enabling Security of SAP S/4HANA with IAM Capabilities from SAP (Lecture, 1hr.)

Integrate SAP S/4HANA into your existing landscape with identity lifecycle management and single sign-on (SSO) capabilities to enhance usability in a secure and highly integrated scenario. Learn how to re-use your existing identity and access management (IAM) landscape as part of the setup, on premise, and in the cloud. Get insights on how to manage user accounts and access in your SAP S/4HANA software, based on automated provisioning as well as end-user self-services.

Las Vegas | Bangalore | Barcelona

SEC203

Functions and Features in Data Protection in SAP S/4HANA for GDPR and CCPA (Lecture, 1hr.)

Learn which features are available in standard S/4HANA and S/4HANA for customer experience to reach compliance with data protection. Consider how these features can help fulfil requirements of the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

Las Vegas | Bangalore | Barcelona

SEC204

How to Build an Efficient, Encrypted, Compressed In-Memory Database (Lecture, 1hr.)

Past attacks on cloud infrastructures and services show that stored data is at risk, resulting in leakage of sensitive and personal information. A first step is data-at-rest protection, but this does not protect from attackers with access to the main memory during processing. Learn from recent research how to use trusted execution environments such as Intel SGX to build an efficient, encrypted, compressed in-memory database that processes encrypted data directly.

Las Vegas | Bangalore | Barcelona

SEC205

A Holistic Approach to GDPR and CCPA Helps Purpose-Driven Data Protection (Lecture, 1hr.)

The role of data protection is not magically to reach compliance of a single product. Data protection can only become achievable by setting up a holistic approach with a comprehensive mixture of technical and organizational measures. Find out how a holistic approach can help fulfil requirements of the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

Las Vegas | Bangalore | Barcelona

SEC300

SAP Cloud Platform Data Retention Manager for Data Protection and Privacy (Lecture, 1hr.)

The role of data protection is not magically to reach compliance of a single product. Data protection can only become achievable by setting up a holistic approach with a comprehensive mixture of technical and organizational measures. Find out how a holistic approach can help fulfil requirements of the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

Las Vegas | Bangalore | Barcelona

 SEC301

Blocking and Deletion of Personal Data (Lecture, 1hr.)

This session presents functions and features available to block personal data in SAP S/4HANA, SAP S/4HANA Cloud, and SAP Customer Experience solutions. Learn how these functions and features meet requirements for the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

Las Vegas | Bangalore | Barcelona

SEC302

Enabling Privacy-Preserving Enterprise Applications (Lecture, 1hr.)

Privacy-enhancing technologies are business differentiators and not only a requirement of GDPR legislation. This session includes an introduction into privacy building blocks that you can use to realize intelligent enterprise use cases for text analysis and enterprise benchmarking, as well as machine learning on anonymized data.

Las Vegas | Bangalore | Barcelona

 SEC304

How One of the Largest Swiss Retail Companies Migrated to SAP S/4HANA (Lecture, 1hr.)

COOP, a leading Swiss retail company, decided to migrate its global finance system to SAP S/4HANA using the system conversion method. During this session, learn how COOP approached this project, which issues the retailer addressed, which lessons learned, and which tools used to expedite the migration of SAP roles and authorizations. Discuss the importance of COOP making the security team from SAP part of the migration effort to prevent role changes from impacting the business.

Las Vegas | Bangalore | Barcelona

SEC305

How to Secure Your SAP Systems to Prevent Cyberattacks (Lecture, 1hr.)

Learn about the key areas that need to be secured in your SAP Systems, in order to defend your business against cyberattacks. Topics that this session covers include key areas to secure and their business impact, implementation approaches to minimize business disruptions, and monitoring and tooling aspects to help with implementation and ongoing monitoring.

Las Vegas | Bangalore | Barcelona

SEC306

Minimize Downtime by Enforcing Critical Configuration and Detecting Issues (Lecture, 1hr.)

In SAP software, unexpected errors or malicious attacks that compromise business continuity, uptime, and availability pose a challenge. Learn how to protect against internal misuse and external attacks by enforcing customizable policies that prevent unauthorized access, configuration drift, and a noncompliant state. Define and enforce critical system configuration policies, prevent unauthorized changes, and record and log change activity to minimize downtime and comply with security policies.

Las Vegas | Bangalore | Barcelona

SEC307

GDPR Compliance and How Roles and Authorizations Impact GDPR and GRC (Lecture, 1hr.)

During this session, explore a best-practice approach, as described in SAP Note 1682316, to analyze roles and authorizations. Learn how to safely redesign overauthorized dialog and technical (RFC) users that have unnecessary access to data relevant to the European Union’s General Data Protection Regulation (GDPR). Also, discuss critical access that leads to segregation of duties (SOD) risks in governance, risk, and compliance (GRC) issues.

Las Vegas | Bangalore | Barcelona

Go to table of contents

Security Hands-On Workshops (2 hours)

Hands-On sessions are there for you to get a feeling of newly developed functionality and see it in real live! It will be paperless. Each workstation will be equipped with two monitors, one for the “work” and the other one to display the “working script”, formerly known as (paper-) handout.

SEC260 Access Risk Analysis and User Provisioning for the Intelligent Enterprise (Hands-On Workshop 2-hr)

In the Intelligent Enterprise, the system landscape comprises a mix of on-premise and different cloud systems. Learn in this hands-on session how efficiently and quickly you can provision users with their business roles across all systems using SAP Cloud Identity Access Governance. See how the software provides a single, central, compliant workflow that includes a complete access risk analysis with embedded mitigation.

Las Vegas | Bangalore | Barcelona

SEC261

How to Fix the Most Common Security Vulnerabilities in Your Coding (Hands-On Workshop 2-hr)

This session explains how cyber attackers try to exploit security vulnerabilities in ABAP custom code. Understand how you can identify and fix these attacks using the SAP Code Vulnerability Analyzer tool, and learn how this tool runs in SAP Cloud Platform, ABAP Environment. Since most customers also have non-ABAP coding, this session includes a brief discussion of the interface to the SAP Fortify software by Micro Focus.

Las Vegas | Bangalore | Barcelona

SEC262

Secure the Intelligent Enterprise with SAP Enterprise Threat Detection (Hands-On Workshop 2-hr)

Join this session and get to know how the SAP Enterprise Threat Detection application identifies, analyzes, and neutralizes cyberattacks against your SAP solutions and IT environment. Learn how security incidents are detected and analyzed and how evidence for an attack is collected and substantiated. In addition, learn how new attack-detection patterns can be built to adopt special use cases according to your individual environment and policies.

Las Vegas | Bangalore | Barcelona

SEC263

Keep Hackers Out of Your Hybrid Cloud and On-Premise Applications (Hands-On Workshop 2-hr)

Find out how to apply security best practices in SAP Cloud Platform for the Neo environment and a cloud connector from SAP for an SAP Fiori app for the portal service from scratch. Learn how to synchronize cloud and on-premise authorizations using the SAP Cloud Platform Identity Provisioning service.

Las Vegas | Bangalore | Barcelona

SEC264

Troubleshooting Security Issues in SAP Cloud Platform (Hands-On Workshop 2-hr)

Security issues in business applications, such as failed authentication, wrong authorizations, or nonworking principal propagation are not always easy to detect and fix. Learn how to analyze the most common issues using modern tools and methods to find and solve the root causes in real-world scenarios. These scenarios cover the SAP Cloud Platform SDK for Neo and Cloud Foundry environments.

Las Vegas | Bangalore | Barcelona

SEC360

Authentication, SSO, and Authorization Best Practices in Hybrid Landscapes (Hands-On Workshop 2-hr)

Learn about different authentication mechanisms for the ABAP programming language and SAP Cloud Platform, along with the process of how to select and apply a single sign-on (SSO) mechanism to your landscape. Also, find out how to assign authorizations in a hybrid landscape. Look at an example landscape that includes a back-end based on ABAP and a custom SAPUI5 application on the Cloud Foundry platform.

Las Vegas | Bangalore | Barcelona

SEC361

Extend Identity and Access Management Environments with Cloud Applications (Hands-On Workshop 2-hr)

When customers extend their managed environments from on-premise to the cloud, they do not want to compromise on compliance or productivity benefits offered by existing identity and access management solutions. Learn how to configure the SAP Identity Management component and the SAP Cloud Platform Identity Provisioning service to cover on-premise and cloud-based solutions in your managed environments to build a hybrid identity lifecycle management landscape.

Las Vegas | Bangalore | Barcelona

 SEC362

Integrate SAP Applications into Your Existing IAM Solution (Hands-On Workshop 2-hr)

This session presents various options to integrate SAP applications for purposes of identity and access management (IAM). Find out more about functionality that comes by default with SAP applications and the underlying identity services available in SAP Cloud Platform.

Las Vegas | Bangalore | Barcelona

 SEC363 How to Manage Open Source Security in Your Development (Hands-On Workshop 2-hr)

Market research companies estimate that more than 80% of the code base of a typical Java application is open source. Therefore, it becomes increasingly more important to manage vulnerability fixes in open source. The vulnerability discovery tool from SAP for open source contributes to accelerate open-source security. Learn more about this vulnerability discovery tool and how to use it to make your own development more secure.

Las Vegas | Bangalore | Barcelona

 SEC364 Secure Microservices in Cloud Foundry Environment on SAP Cloud Platform (Hands-On Workshop 2-hr)

In the cloud, each of your applications is broken down into microservices. Can they communicate securely and integrate with your corporate identity and access management systems? The Cloud Foundry environment includes a central OAuth server that takes care of integration. Apps can use this for authentication, authorization, user propagation, and multitenancy. During this session, you can experience this OAuth server in action.

Las Vegas | Bangalore | Barcelona

 SEC365

Run Your Cloud Applications Compliantly and Securely on SAP Cloud Platform (Hands-On Workshop 2-hr)

Running cloud applications according to compliance standards has become a tough challenge. Learn how to use and integrate the security controls in SAP Cloud Platform optimally for your requirements. Explore strong two-factor authentication, authorization and user management of administrators, segregation of duties with custom-platform roles, and access to audit logging. See how these capabilities can help you to run and stay compliant.

Las Vegas | Bangalore | Barcelona

Go to table of contents

Product Road maps (30 minutes)

Product road map sessions were delivered also in past years as so called “Q&A” informational sessions, giving insight into current product development plans and answers to your questions. Plus, the opportunity to discuss – and influence – future product functionality because they are usually held by SAP experts from the product management team.

SEC814

Road Map for SAP Cloud Identity and Access Governance (Roadmap, 30 minutes)

This session briefs you about the latest improvements in SAP Cloud Identity Access Governance software and ways to best integrate it into the intelligent enterprise landscape. Learn about the upcoming enhancements and strategic direction of access management, risk management, and role management in the cloud world.

Las Vegas | Bangalore | Barcelona

SEC815

Road Map for Identity and Access Management Solutions by SAP (Roadmap, 30 minutes)

Learn about the latest enhancements and upcoming features in SAP solutions for security authentication, single sign-on, and identity lifecycle management. Understand how these features are relevant for your company and how they fit into your own road map to become an intelligent enterprise.

Las Vegas | Bangalore | Barcelona

SEC816

Road Map for SAP Code Vulnerability Analyzer (Roadmap, 30 minutes)

Security is no longer considered a luxury for IT systems. Your custom applications written in ABAP have become targets for cyberattacks. This session explains how the SAP Code Vulnerability Analyzer tool can help you to identify and fix potential weaknesses in your ABAP applications. Also, get an outline of how SAP Code Vulnerability Analyzer integrates with SAP Fortify by Micro Focus software, which scans custom code for non-ABAP languages.

Las Vegas | Bangalore | Barcelona

SEC817

Road Map for SAP Enterprise Threat Detection (Roadmap, 30 minutes)

The SAP Enterprise Threat Detection application leverages the SAP HANA business data platform and enables businesses to effectively manage exposure to external and internal threats. The application enables real-time analysis and correlation of log data from SAP and non-SAP systems, identifying attacks as they are happening, and analyzing and neutralizing threats before serious damage occurs. Explore current and planned features of deployment on premise and through SAP Cloud Platform.

Las Vegas | Bangalore | Barcelona

Go to table of contents

Lightning Talks (30 minutes)

Lightning talks provide an overview of the features and functions of specific SAP products and technologies. Attendees have the option to gain more insight through the SAP Lightning Talk sessions that are available on the show floor and at different times throughout the event. Experts put on hour-long focused sessions that did not require advance registration.

LT111

How an Information Retrieval Framework by SAP Supports Compliance with GDPR (Lightning Talk, 30 minutes)

This lightning talk can assist your understanding of the information retrieval framework by that can support you in answering data subject access requests. Find out how to use this framework for SAP S/4HANA to provide answers to these requests, as well as support for data privacy and compliance efforts for the European Union’s General Data Protection Regulation (GDPR).

Las Vegas | Bangalore | Barcelona

LT118

Proving Accountability Has a Lot To Do with Organized Note-Taking (Lightning Talk, 30 minutes)

During this lightning talk session, we discuss some features provided by SAP S/4HANA that can help you prove accountability towards data integrity. Protect data quality and integrity, centralize data, and enrich analytics capabilities while helping to control project costs and project through possible reuse of content from earlier efforts

Las Vegas | Bangalore | Barcelona

Go to table of contents

Code Jam Mini Editions (1 hour)

Our mini-editions of SAP CodeJam give participants an opportunity to meet one-on-one with SAP development experts, connect with other developers, share knowledge, and have a little fun coding!

SEC610

Consolidate User Data with SAP Cloud Platform Identity Provisioning (Code JAM Mini Edition, 1-hr)

The SAP Cloud Platform Identity Provisioning service enables you to exchange user account and attribute information among different systems. Frequently, user details are distributed among several systems and you have to combine the different system-specific identity models. Come to this session and learn how to consolidate in one place user data from several sources, such as the SAP SuccessFactors Employee Central solution and Microsoft Active Directory Domain Services.

Las Vegas | Bangalore | Barcelona

SEC611

Find and Fix Security Vulnerabilities in Your ABAP Custom Code (Code JAM Mini Edition, 1-hr)

This session presents participants with the opportunity to use the SAP Code Vulnerability Analyzer tool to find security vulnerabilities in their ABAP coding. Learn how to use the tool for custom code simplification and optimization, including lifecycle guidelines and processes for quality checks, transparency, impact, and retirement.

Las Vegas | Bangalore | Barcelona

Go to table of contents

 

If you’re interested in getting a detailed understanding of SAP’s portfolio of solutions, platforms and technologies, and insights into their future direction, but also in putting your hands on the latest and greatest features and tools, then join us at the different SAP TechEd 2019 events all around the world.

Save the dates!

Assigned Tags

      1 Comment
      You must be Logged on to comment or reply to a post.
      Author's profile photo Kristian Lehment
      Kristian Lehment

      Excellent blog! Very informative and helpful. Thanks a lot!