[ISN] How to sneak into a security conference

From: InfoSec News <alerts_at_private>
Date: Wed, 29 Feb 2012 02:31:52 -0600 (CST)
http://www.csoonline.com/article/701040/how-to-sneak-into-a-security-conference

By Joan Goodchild
Senior Editor
CSO
February 28, 2012

When I checked in at the RSA 2012 conference, I was directed to wear my 
badge at all times.

"You won't be able to go anywhere without it," a registration official 
informed me.

But this does not seem to be an obstacle for my anonymous source, whom I 
met on the first day of the conference. A risk management and physical 
security expert, he is in the business of "pen-testing humans" via 
social engineering, he said, and he also has an expertise in event 
security. I met him while I was covering the event, and he agreed to 
give me details of how he snuck into RSA in a matter of minutes without 
any credentials—and then went back and got credentials under a fake name 
to boot.

My source was in the area attending the nearby B-Sides security event, 
and he had a B-Sides staff badge because he was working during some of 
that conference. Although he had not registered for RSA, he decided to 
wander over and see what was going on.

"I walked in, walked around, cased the place for a few minutes," he 
explained to me. "I saw where all the entry points were located and 
where the security guards where standing."

[...]

______________________________________________________________________________
CISSP and CEH training with Expanding Security is the fastest, easiest way
to grock the relevant data you need now.   A free class invite is in every
PainPill.  Sign up for the free weekly PainPill.  It's that easy.
http://www.expandingsecurity.com/PainPill
Received on Wed Feb 29 2012 - 00:31:52 PST

This archive was generated by hypermail 2.2.0 : Wed Feb 29 2012 - 00:30:39 PST