Sergio is an SAP Security Specialist and Researcher at Onapsis. As one of the first members of the Onapsis Research Labs, he is responsible for the research of diverse scenarios and configurations of SAP pplications, as well as the development and delivery of blog posts, SAP security in-depth publications, papers and webcasts, as well as Security Conference talks and trainings.
As a result of his experience in the industry, Sergio has discovered and published several SAP Security vulnerabilities affecting diverse SAP components. He has been invited to speak and host trainings at well recognized industry conferences such as Ekoparty, HubCon, ASUG and SANS, among others.
Additionally, Sergio was the main developer of Onapsis Bizploit (the first open-source SAP Penetration Testing Framework) and the architect of Onapsis X1 (the ERP Security Suite). He has generated new and innovative security checks for both products.
In terms of consultancy, Sergio has been involved in different projects related to the SAP security ecosystem, such as auditing SAP Implementations, defining and implementing SoD rules, performing SAP security assessments, SAP Penetration Tests, and also helping SAP customers during SAP incident responses.