To give you the best possible experience, this site uses cookies. Review our Privacy Policy and Terms of Service to learn more. Faham!
Artwork

Tech Blackhat Breifings And Training Blackhat Usa 2005 Black Hat Vegas Blackhat Vegas Hacking Computer Security Speeches Presentations Spoken Word Video Audio Tech News Jeff Moss Podcasting Conventions
Kandungan disediakan oleh Black Hat / CMP and Jeff Moss. Semua kandungan podcast termasuk episod, grafik dan perihalan podcast dimuat naik dan disediakan terus oleh Black Hat / CMP and Jeff Moss atau rakan kongsi platform podcast mereka. Jika anda percaya seseorang menggunakan karya berhak cipta anda tanpa kebenaran anda, anda boleh mengikuti proses yang digariskan di sini https://ms.player.fm/legal.

Sama dengan Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

Player FM - Aplikasi Podcast
Pergi ke luar talian dengan aplikasi Player FM !
Get it on App Store Get it on Google Play

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference « »
Joseph Klein: The Social Engineering Engagement Methodology - A Formal Testing process of the People and Process

40:54
 
Main
Sedang dimainkan
Kongsi
 

MP3Laman utama episod
Manage episode 155121483 series 1146744
Kandungan disediakan oleh Black Hat / CMP and Jeff Moss. Semua kandungan podcast termasuk episod, grafik dan perihalan podcast dimuat naik dan disediakan terus oleh Black Hat / CMP and Jeff Moss atau rakan kongsi platform podcast mereka. Jika anda percaya seseorang menggunakan karya berhak cipta anda tanpa kebenaran anda, anda boleh mengikuti proses yang digariskan di sini https://ms.player.fm/legal.
The security of an organization is composed of technology, people and processes. In the last few years, many organizations have done a good job addressing technology but have focused very little on the people and processes. This presentation reviews the formal methodology for performing Social Engineering Engagements. The method is divided into four sections including the Pre-Engagement, Pre-Assessment, Assessment and Post-Assessment. The Pre-Engagement, is the sales process for performing the assessment. In this section, we will review the business justification and headlines of current attacks. Pre-Assessment if focused on identifying the scope of the project, limitation, targets and attack vectors. Also included are examples of what information must be gathers for use in the assessment and post assessment phase. The most interesting and tedious part is the actual assessment. In this section, we will discuss how to engage the target, utilize company information, how to achieve the goal and what to do when you are caught. Included in this section is also how and what to document about every contact. Post assessment is the analysis and reporting phase. In it, we will review documenting findings, and mapping them to recommendations. Joe Klein, CISSP is Senior Security Consultant at Honeywell and a member of the IPv6 Business Council. He performs network, application, web-application, wireless, source-code, host security reviews and security architecture design services for clients in the commercial and government space Prior to joining Honeywell, Joe worked as a consultant performing attack and penetration assessments for many significant companies in the IT arena. While consulting, Joe also taught "Hacking and Incident Handling", "IDS/IPS management" and "Managing Network Security" at a local college in Jacksonville Florida. He regularly speaking at conferences including Defcon, InfoSecWorld, PhreakNic and regional meetings including Infragard, ASIS and ISSA.>
  continue reading

61 episod

#Tech #Blackhat Breifings And Training #Blackhat Usa 2005 #Black Hat Vegas #Blackhat Vegas #Hacking #Computer Security #Speeches #Presentations #Spoken Word #Video #Audio #Tech News #Jeff Moss #Podcasting #Conventions
Artwork

Joseph Klein: The Social Engineering Engagement Methodology - A Formal Testing process of the People and Process

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

published

Main Sedang dimainkan
iconKongsi
 
MP3Laman utama episod
Manage episode 155121483 series 1146744
Kandungan disediakan oleh Black Hat / CMP and Jeff Moss. Semua kandungan podcast termasuk episod, grafik dan perihalan podcast dimuat naik dan disediakan terus oleh Black Hat / CMP and Jeff Moss atau rakan kongsi platform podcast mereka. Jika anda percaya seseorang menggunakan karya berhak cipta anda tanpa kebenaran anda, anda boleh mengikuti proses yang digariskan di sini https://ms.player.fm/legal.
The security of an organization is composed of technology, people and processes. In the last few years, many organizations have done a good job addressing technology but have focused very little on the people and processes. This presentation reviews the formal methodology for performing Social Engineering Engagements. The method is divided into four sections including the Pre-Engagement, Pre-Assessment, Assessment and Post-Assessment. The Pre-Engagement, is the sales process for performing the assessment. In this section, we will review the business justification and headlines of current attacks. Pre-Assessment if focused on identifying the scope of the project, limitation, targets and attack vectors. Also included are examples of what information must be gathers for use in the assessment and post assessment phase. The most interesting and tedious part is the actual assessment. In this section, we will discuss how to engage the target, utilize company information, how to achieve the goal and what to do when you are caught. Included in this section is also how and what to document about every contact. Post assessment is the analysis and reporting phase. In it, we will review documenting findings, and mapping them to recommendations. Joe Klein, CISSP is Senior Security Consultant at Honeywell and a member of the IPv6 Business Council. He performs network, application, web-application, wireless, source-code, host security reviews and security architecture design services for clients in the commercial and government space Prior to joining Honeywell, Joe worked as a consultant performing attack and penetration assessments for many significant companies in the IT arena. While consulting, Joe also taught "Hacking and Incident Handling", "IDS/IPS management" and "Managing Network Security" at a local college in Jacksonville Florida. He regularly speaking at conferences including Defcon, InfoSecWorld, PhreakNic and regional meetings including Infragard, ASIS and ISSA.>
  continue reading

61 episod

#Tech #Blackhat Breifings And Training #Blackhat Usa 2005 #Black Hat Vegas #Blackhat Vegas #Hacking #Computer Security #Speeches #Presentations #Spoken Word #Video #Audio #Tech News #Jeff Moss #Podcasting #Conventions

Semua episod

×
 
Loading …

Selamat datang ke Player FM

Player FM mengimbas laman-laman web bagi podcast berkualiti tinggi untuk anda nikmati sekarang. Ia merupakan aplikasi podcast terbaik dan berfungsi untuk Android, iPhone, dan web. Daftar untuk melaraskan langganan merentasi peranti.

 

Sama dengan Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

Dengarkan lebih 500+ topik
Player FM - Aplikasi Podcast
Pergi ke luar talian dengan aplikasi Player FM !
Get it on App Store Get it on Google Play

Panduan Rujukan Pantas

Podcast Teratas
Buah Mulut
Rencam Podcast
Player FM logo
Bantuan/Soalan Lazim | Naik taraf | Advertise
Seni|Perniagaan|Komedi|Ekonomi|Hiburan|Berita|Politik|Agama
Sains|Bolasepak|Sukan|Bercerita|Teknologi|True Crime
Hak Cipta 2024 | Peta Laman | Dasar Privasi | Syarat Perkhidmatan | | hak cipta
Episode being played series thumbnail
icon icon
Kelajuan
Tetapan Siri
1x
1x
Volume
100%
icon
icon icon
/

Lihat Player FM di ...
Player FM
Browser
Chrome
Safari
Firefox