http://www.csoonline.com/article/701040/how-to-sneak-into-a-security-conference By Joan Goodchild Senior Editor CSO February 28, 2012 When I checked in at the RSA 2012 conference, I was directed to wear my badge at all times. "You won't be able to go anywhere without it," a registration official informed me. But this does not seem to be an obstacle for my anonymous source, whom I met on the first day of the conference. A risk management and physical security expert, he is in the business of "pen-testing humans" via social engineering, he said, and he also has an expertise in event security. I met him while I was covering the event, and he agreed to give me details of how he snuck into RSA in a matter of minutes without any credentials—and then went back and got credentials under a fake name to boot. My source was in the area attending the nearby B-Sides security event, and he had a B-Sides staff badge because he was working during some of that conference. Although he had not registered for RSA, he decided to wander over and see what was going on. "I walked in, walked around, cased the place for a few minutes," he explained to me. "I saw where all the entry points were located and where the security guards where standing." [...] ______________________________________________________________________________ CISSP and CEH training with Expanding Security is the fastest, easiest way to grock the relevant data you need now. A free class invite is in every PainPill. Sign up for the free weekly PainPill. It's that easy. http://www.expandingsecurity.com/PainPillReceived on Wed Feb 29 2012 - 00:31:52 PST
This archive was generated by hypermail 2.2.0 : Wed Feb 29 2012 - 00:30:39 PST