Content provided by Joe South.

A curiosity-fueled career moves from Atari and BBS days to leading research on a live SAP zero-day, with candid lessons on people skills, breaking into security, and holding the line when pressure spikes. We unpack how a benign SAP endpoint became an RCE chain and what it takes to defend complex systems at scale.
• early path from Commodore 64 and BBS to IT and security
• contrast between the Wild West era and today’s tool-rich learning
• help desk as a foundation for people skills and pressure
• practical advice for students on coding, protocols, Wireshark
• hiring by attitude, approach and aptitude over tool checklists
• navigating WAF pushback and risk acceptance with dev teams
• Onapsis research labs and SAP’s threat landscape
• deep-dive on the SAP 31324 Java gadget chain RCE
• attacker interest, attribution signals, and factory impact
• offensive research versus traditional pen testing
• building culture that rewards questions and learning
Find us: onapsis.com → Research Labs. Search “Onapsis 2025 31324” for our zero-day article. SAP thanked us in their patch notes. Connect with Paul on LinkedIn to talk SAP security, offensive work, or careers.
Follow the Podcast on Social Media!

YouTube: https://www.youtube.com/@securityunfilteredpodcast

Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast

Chapters

1. Top SAP Security Threat Hunting Strategies Used by Elite Researchers (00:00:00)

2. Setting The Stage & Guest Intro (00:01:46)

3. Early Tech Roots: Atari to BBS (00:02:19)

4. Wild West Computing vs Today (00:08:12)

5. Help Desk to Security Pivot (00:13:09)

6. Breaking In: Skills and Mindset (00:20:49)

7. People Skills Over Tools (00:28:27)

8. Onapsis and SAP Security (00:38:08)

9. Inside the SAP Zero-Day Chain (00:42:35)

10. Attribution, Actors, and Impact (00:47:58)

11. Offensive Work: Research vs Pen Test (00:51:56)
