Building Modern SAP SOC

The Death of Traditional SAP Security

20 Years of Vulnerabilities That Refuse to Die In this episode, Frederik Weidemann (Orgaverse) sits down with Waseem to discuss why traditional SAP security approaches are fundamentally broken. From OS command execution that still works in 2026 to cloud architectures that nobody understands, Frederik walks through two decades of SAP vulnerabilities that organizations keep repeating. Discover why patches aren't the answer, how AI is changing offensive security forever, and what organizations actually need to do to mature SAP security. TAKEAWAYS * Why SAP vulnerabilities discovered 20 years ago still compromise systems today * How OS command execution remains a critical risk across multiple attack vectors * The shared responsibility model that most cloud customers fundamentally misunderstand * Why BTP is becoming the new DMZ for SAP landscapes (and why that's dangerous) * How AI is automating vulnerability discovery faster than organizations can patch HOST & GUEST Host: Waseem Ajrab | NO MONKEY Guest: Frederik Weidemann | Orgaverse CHAPTERS 01:20 Frederik Weidemann's 20-year journey in SAP security 03:08 The evolution of SAP security awareness since 2006 05:44 Why security researchers still fear touching SAP 08:31 Recent trends in SAP vulnerabilities and patch patterns 11:41 OS command execution: Why removing one report doesn't solve the problem 14:46 The complexity of securing SAP operating systems 19:55 How BTP is changing the enterprise attack surface 25:04 API management and integration suite security risks 31:34 Zero trust in SAP: Identity management as the foundation 32:23 The challenge of navigating identity provisioning 39:10 AI's impact on offensive security and vulnerability discovery 46:05 Understanding ABAP as an offensive tool, not business logic 51:50 Integrating AI and Joule into security workflows 56:19 The mindset shift organizations need right now New episodes drop regularly, featuring conversations with cybersecurity experts, SAP practitioners, and industry leaders who've been in the trenches. No vendor pitches. No fluff. Just actionable insights you can apply today. Because curiosity is free – but recovery isn't.

AI and Responsibility: Securing SAP's Digital Core

When AI agents decide, who answers the auditor? TAKEAWAYS Why tracing and auditing every AI agent decision is an audit requirement, not optional How AI makes SAP's existing attack surface more visible, not bigger The shift from humans executing tasks to humans managing agents managing agents Why organizations need AI to scale defenses against automated attacks Risk management frameworks for deploying AI in SAP (NIST, OWASP Top 10, ISO 27001) HOST & GUEST: Waseem Ajrab – Host: Head of Security Advisory, NO MONKEY José Marquez – Guest: Chief AI Officer, SAP Practice at PwC US CHAPTERS 02:11 José's journey from ABAP developer to Chief AI Officer 04:00 How AI agents change SAP from execution to decision making 07:57 Why AI makes attack surfaces more visible, not expanded 09:28 Autonomous AI agents and the accountability challenge 12:47 Tracing, logging, and auditing: The audit question every organization will face 17:17 Common gaps when organizations have high AI ambition but low governance 18:46 Standards for monitoring AI agents like human employees 22:07 AI's impact on security operations and automated attacks 31:26 The new role: Humans managing agents managing agents 33:33 Risks of over-reliance on AI-driven security decisions 40:56 Protecting SAP's digital core with AI risk governance 44:53 Balancing automation, human oversight, and organizational strategy 45:22 The biggest opportunity (scale) vs. the biggest risk (forgetting how to think critically) New episodes drop regularly, featuring conversations with cybersecurity experts, SAP practitioners, and industry leaders who've been in the trenches. No vendor pitches. No fluff. Just actionable insights you can apply today. Because curiosity is free – but recovery isn't.

Why SAP Is Still a Goldmine for Attackers

Discover what 20 years of vulnerability research reveals about SAP security TAKEAWAYS • Discover why SAP obscurity no longer works as security • Learn what attackers exploit in real SAP penetration tests • Understand the business impact of SAP breaches (real cases) • Identify common patterns that leave SAP systems vulnerable • Adopt the "assume breach" mindset for SAP environments HOST & GUEST: Waseem Ajrab – Host: Head of Security Advisory, NO MONKEY Joris Van De Vis – Guest: Director Security Research, Security Bridge Chapters 03:06 The Journey into SAP Cybersecurity 05:54 Complexity as a Double-Edged Sword 09:01 The Business Impact of SAP Breaches 12:12 Common Vulnerabilities in SAP Systems 14:54 The Importance of Monitoring and Patching 18:03 The Challenge of Legacy Systems 20:50 The Human Factor in SAP Security 24:55 The Human Element in Technology 27:00 Understanding Compliance vs. Security 30:04 Cloud Migration Myths and Realities 34:15 Identifying Patterns in Vulnerabilities 41:51 Mindset Shift: Assume Breach 43:09 Innovations in SAP Security Tools New episodes drop regularly, featuring conversations with cybersecurity experts, SAP practitioners, and industry leaders who've been in the trenches. No vendor pitches. No fluff. Just actionable insights you can apply today. Because curiosity is free – but recovery isn't.

Navigating C‑Level Executives Through SAP Cybersecurity

How to get SAP security on the board agenda, when ransom attacks are louder but SAP is more critical. TAKEAWAYS * SAP security has evolved significantly since 2012. * Continuous security is essential for effective SAP risk management. * Organizations often rely too heavily on audits for security. * There is a gap in communication between technical teams and C-level executives. * Proactive measures can prevent significant security incidents. * AI can enhance both security measures and threat detection. * Transparency in security practices is crucial for effective management. * Organizations need to start addressing glaring security issues immediately. * The complexity of SAP systems requires specialized security approaches. * Security is a continuous process, not a one-time project. CHAPTERS 03:00 The Evolution of SAP Security 06:05 Challenges in SAP Cybersecurity 09:06 The Role of C-Level in Cybersecurity 11:58 Understanding SAP Cyber Risk 15:12 Bridging the Gap in Cybersecurity Communication 24:00 Understanding SAP Security Risks 29:59 The Role of Audits in Cybersecurity 35:55 Continuous Security: A Proactive Approach 41:56 Bridging the Gap Between Cybersecurity and SAP 48:04 Future Trends in SAP Security HOST & GUEST: * Waseem Ajrab – Host, NO MONKEY * Christoph Nagy – Guest, Security Bridge CONNECT WITH US: Website: https://www.no-monkey.com/ [https://www.no-monkey.com/] LinkedIn: https://www.linkedin.com/company/no-monkey/ [https://www.linkedin.com/company/no-monkey/] Subscribe to stay updated on SAP security!

Building Modern SAP SOC

The Role of Offensive Mindset in Cyber Defense TIMESTAMPS: 03:00 - Maxim's Journey into Cyber Defense 05:44 - The Evolving Mindset of SOC Operations 08:28 - The Role of Education in Cybersecurity 11:02 - Understanding SAP's Unique Challenges in SOC 13:42 - Effective Detection Strategies for SAP Systems 16:27 - Building a Threat Hunting Framework 18:46 - The Future of Threat Hunting and SOC Operations 21:07 - Understanding Threat Hunting in SAP Environments 24:30 - Compliance vs. Security: A Critical Distinction 28:11 - Reactive vs. Proactive SOC Teams 32:08 - Bridging the Gap: SOC Analysts and SAP Experts 35:45 - Implementing SAP Security in SOC Operations HOST & GUEST: * Waseem Ajrab – Host, NO MONKEY * Maxim Deweerdt – Guest, NVISO KEY TAKEAWAYS: * Understanding the adversary's goals is crucial for SOC operations * Proactive SOC teams assume compromise and focus on detection * SAP is often treated as a black box in SOCs due to complexity * Effective detection requires collaboration between SAP and SOC teams * Quality of detection rules is more important than quantity * Compliance and security should be clearly differentiated CONNECT WITH US: Website: https://www.no-monkey.com/ [https://www.no-monkey.com/] LinkedIn: https://www.linkedin.com/company/no-monkey/ [https://www.linkedin.com/company/no-monkey/] Subscribe to stay updated on SAP security!