New SAP & Onapsis Threat Intelligence: Active Cyberattacks on Business-Critical SAP Applications

Download the Report

The Onapsis Blog

The world of business-critical application security is dynamic, with new developments happening on a continuous basis. Check out our blog for recommendations, insights and observations on the latest news for securing your SAP®, Oracle® and Salesforce applications.

Sergio Abraham Security Researcher Innovation Lead

Sergio Abraham

Security Researcher Innovation Lead

As one of the first members of the Onapsis Research Labs, he is responsible for the research of diverse scenarios and configurations of SAP Applications, as well as the development and delivery of Blog posts, SAP Security In-Depth publications, papers and Webcasts, as well as Security Conferences talks and trainings.

Resulting of his experience and work, Sergio discovered and published several SAP Security Vulnerabilities affecting diverse SAP components, and was invited to lecture and teach trainings in different conferences such as Ekoparty, Troopers, HubCon, ASUG and SANS, among others.

Sergio was also the main developer of Onapsis Bizploit (the first open-source SAP Penetration Testing Framework) and the architect of Onapsis X1 (the ERP Security Suite), generating new and innovative security checks for both products.

In terms of consultancy, Sergio has been involved in different kinds of projects related to the SAP Security ecosystem, such as auditing SAP Implementations, defining and implementing SoD rules, performing SAP Security Assessments, SAP Penetration Tests, and also helping SAP customers during SAP Incident Responses.

ERP Security & IT General Controls: ‘Questions Every Organization Needs to Ask’
10/01/2019 | By
Sergio Abraham
|
Research

ERP Security & IT General Controls: Questions Every Organization Needs to Ask

A recent IDC survey reports that 64% of organizations have suffered an ERP system breach in the past 24 months. To ensure that your organization has the proper processes and controls in place to keep SAP and Oracle E-Business Suite business-critical applications secure and in compliance, we are providing guidance and questions to ask.
Blog Banner
06/06/2019 | By
Sergio Abraham
|
Research

Automating SOX Controls Testing

With ERP systems, such as SAP and the Oracle E-Business Suite (EBS) at the core of your business, these systems also must be a focus of your SOX audit. Business-critical applications including your financials are supported by your ERP systems and issues can easily become material weakness. As a result, it is necessary to stay up-to-date regarding what different industries are doing to protect the integrity of financial statements while reducing the costs of implementing and testing the internal controls.

Categories

Newsletter

Subscribe to our monthly newsletter, the Defender's Digest!

Subscribe

Meet the Authors

Secure your 
business-critical SAP,
Oracle, Salesforce
and SaaS apps

Get a firsthand look at the visibility, reporting and automation capabilities provided by The Onapsis Platform by scheduling a personalized demo with our application security experts.

Request a demo