Breaking and Entering: Lessons Learned from a Federal Penetration Tester

BSidesCharm 2018

Presented by: Joseph Misher
Date: Saturday April 28, 2018
Time: 16:00 - 16:50
Location: Track 2

From traditional crime to terrorist attacks, surveillance and preparation by the perpetrators often increases the likelihood of attack success. Based on this premise, DHS Federal Protective Service used penetration testing to simulate an adversary’s perspective of federal facilities’ security and test the recommended risk management processes. Gain valuable perspectives on how trusted security measures can be exploited, then explore ways to use this knowledge to improve security planning and implementation. Come away with lessons learned from real (and sometimes scary) tests, while focusing on how to improve security assessments and measures.

Joseph Misher

@josephmisher J. A. Misher is currently responsible for protective cyber operations policy and planning in the Department of Homeland Security's Federal Protective Service. In this capacity, he is responsible for merging two disciplines (cyber and physical security) throughout traditional law enforcement and security services. Since 2008, Misher has served in multiple capacities across intelligence, law enforcement, investigations, risk management and assessments. J. Misher is a 12 year Veteran with the USAF. He has taught at the Federal Law Enforcement Training Center, briefed senior staff in U.S. Congress, and graduate with academic honors from numerous training programs. J. Misher also holds a Bachelor of Arts in Jurisprudence where he graduated Summa Cum Laude and is a current Juris Doctorate candidate.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats