A curiosity-fueled career moves from Atari and BBS days to leading research on a live SAP zero-day, with candid lessons on people skills, breaking into security, and holding the line when pressure spikes. We unpack how a benign SAP endpoint became an RCE chain and what it takes to defend complex systems at scale.
• early path from Commodore 64 and BBS to IT and security
• contrast between the Wild West era and today’s tool-rich learning
• help desk as a foundation for people skills and pressure
• practical advice for students on coding, protocols, Wireshark
• hiring by attitude, approach and aptitude over tool checklists
• navigating WAF pushback and risk acceptance with dev teams
• Onapsis research labs and SAP’s threat landscape
• deep-dive on the SAP 31324 Java gadget chain RCE
• attacker interest, attribution signals, and factory impact
• offensive research versus traditional pen testing
• building culture that rewards questions and learning
Find us: onapsis.com → Research Labs. Search “Onapsis 2025 31324” for our zero-day article. SAP thanked us in their patch notes. Connect with Paul on LinkedIn to talk SAP security, offensive work, or careers.
Listen on: Apple Podcasts Spotify
Follow the Podcast on Social Media!
Tesla Referral Code: https://ts.la/joseph675128
YouTube: https://www.youtube.com/@securityunfilteredpodcast
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Affiliates
➡️ OffGrid Faraday Bags: https://offgrid.co/?ref=gabzvajh
➡️ OffGrid Coupon Code: JOE
➡️ Unplugged Phone: https://unplugged.com/
Unplugged's UP Phone - The performance you expect, with the privacy you deserve. Meet the alternative. Use Code UNFILTERED at checkout
*See terms and conditions at affiliated webpages. Offers are subject to change. These are affiliated/paid promotions.
