Join in for a full day of FREE CPE with two great speakers on
September 14th, 2023
8:00 am to 4:00 pm
(Breakfast served at 7:30 am)
(this event is in-person only)
Morning session -
Bryan Strand, GCIH, GCCC, with Black Hills Information Security, presenting
Getting Started in Blue Teaming: Atomic Controls
Summary:
Black Hills Information Security developed The Atomic Controls out of a need we saw with our customers to create a strong security foundation before worrying about a specific control framework or compliance requirement. Instead of getting bogged down with trying to work sequentially through a set of controls and ignoring an implementation that will better secure their environment, organizations can focus on what matters most, first!
The Atomic Controls comprise the top 11 controls (ours goes to 11) we see as the most critical.
Topics Covered:
· Password Controls
· Application Control
· Egress Traffic Capture and Analysis
· User and Entity Behavior Analytics
· Advanced Endpoint Protection
· Proper System Logging
· Internal Segmentation and Host Firewall Configuration
· User Content Filtering
· Vulnerability Management
· Active Directory Hardening
Afternoon session -
Steve Biskie with RSM on
Advanced Concepts and Testing Strategies for Auditing SAP
Summary:
This session will go beyond the basics of auditing SAP to focus on advanced concepts and testing strategies. We will start with an introduction to an SAP Internal Control Maturity model designed to help organizations move to a more optimal state of control maturity. From there, we'll dive into the SAP system itself, examining useful IT General Controls (ITGCs) and IT Application Controls (ITACs) that are either commonly misconfigured (if enabled at all) or insufficiently tested. ITGC content will cover topics such as alternate ways to get to SAP programs and data (without going through the "normal" transaction codes), potential issues related to customizations and key report testing, validating that parameters are consistently set across application servers, and critical log files and tables for verifying that controls are set consistently throughout the period. ITAC content will cover commonly misunderstood configuration such as park and post limitations, user-based messages, and often unused tolerances. Additionally, live demonstrations will both illustrate risks and showcase key tables and strategies for automating testing.
This session will be applicable to those in organizations running both SAP S/4HANA and SAP ECC. For those who attended the SAP security session in 2021, while there will be a few duplicated slides, the majority of this session will be new.
Learning Objectives:
After completing this session, the learner will:
- Be able to articulate practical examples of how specific risks can be exploited, and the controls/monitoring necessary to address those risks
- Be able to describe control tests that are commonly performed incorrectly, and the proper way to test these controls
- Understand key tables and log files supporting various audit objectives
- See how automation can be applied to significantly reduce control testing effort