In this session, we will explore a number of commonly used and highly effective tactics to prepare for a social engineering exercise.
Knowledge was once considered to be power and the birth of the Internet has shifted the power base in a different direction. The biggest challenge now is locating the useful information in the sea of noise and then being able to interpret in a meaningful way.
We will work through some examples of Open Source Intelligence (OSINT) practices, some great free resources and ultimately how this information can be used for penetration testing.
Everything positive can be turned into a negative, so we will also use this as an opportunity to show you how to ensure you have a managed digital footprint and minimise the opportunity for identity fraud and compromise.
About Ian Maxted
Ian Maxted (@Ian44CON) is a former TigerScheme penetration tester and trainer. Using his experience in the information security world, coupled with a good underpinning knowledge of fraud and criminal behaviours, Ian focuses on the biggest weakness in any organisation and its people. Working as a senior leader, mentor and coach, Ian has experience in operating in command and control situations, offering both strategic and tactical leadership. This combination of skills has resulted in an ability to troubleshoot difficult challenges under pressure. A firm believer that prevention is better than the cure, he always seeks ways to proactively reduce risk and unnecessary demand, allowing the organisation to focus on delivering the capability or service that makes it unique.
Ian heads up crew operations for 44CON, the UK's premier information security conference, and provides product evaluation for Cortex Insight (one of our premium event sponsors).