During this presentation, we’ll discuss proven methods of bypassing popular physical security controls and employees, using only publicly available tools and social engineering. You'll hear war stories from assessments that we have performed, and the frightening simplicity of gaining unauthorized physical access to many things from server rooms to Top Secret Ops rooms. These assessments will be broken down to discuss the various social engineering and physical security bypass methods and tools used, as well as remediation recommendations.
Tim and Brent are Sr. Security Consultants within NTT Security’s Threat Services group. They have developed Red Team and Social Engineering testing methodologies and have spoken at internationally recognized security conferences including DEFCON, DerbyCon, B-Sides, ISSA International, AIDE at Marshall Univ, Techno Sec & Forensics Invest. Con, and more. Tim has held management, IT and physical security roles across multiple industries, including healthcare and government. He is a regular contributor to NTT Security’s ‘#WarStoryWednesday' series, has developed methodologies for red team and social engineering assessments and has been featured in CSO on the subject of onsite social engineering. He is the founder of DC859 (the 859 area code DEFCON group) and is a core member for the DEFCON Conference “Groups” program. Both have been interviewed on the topic of “White hat hacking” for Microsoft’s “Roadtrip Nation” television series. Their experiences with traditional/non-traditional pentesting techniques include network, wireless, social engineering, application and physical testing. These techniques have led to highly successful Red Team assessments against corporate environments. By sharing their experiences, they hope to continue to contribute to the InfoSec community.
Tim and Brent are Sr. Security Consultants within NTT Security’s Threat Services group. They have developed Red Team and Social Engineering testing methodologies and have spoken at internationally recognized security conferences including DEFCON, DerbyCon, B-Sides, ISSA International, AIDE at Marshall Univ, Techno Sec & Forensics Invest. Con, and more. Brent is a Trusted Advisor for the Tennessee Department of Safety and Homeland Security on the topics of Physical and Cyber Security, is the founder of the Nashville DEF CON group (DC615), and is the Global Coordinator for the DEF CON conference “Groups” program. He has held the role of Web/Project Manager and IT Security Director at the headquarters of a global franchise company as well as Web Manager and information security positions for multiple television personalities and television shows on The Travel Channel. Brent has also been interviewed on the popular web series, “Hak5” with Darren Kitchen and BBC News. Both have been interviewed on the topic of “White hat hacking” for Microsoft’s “Roadtrip Nation” television series. Their experiences with traditional/non-traditional pentesting techniques include network, wireless, social engineering, application and physical testing. These techniques have led to highly successful Red Team assessments against corporate environments. By sharing their experiences, they hope to continue to contribute to the InfoSec community.