Threats And Countermeasures - Human Factor And Physical Security presented at House Con 2010

by Jim Broome (Accuvant Labs)

Tags: Exploitation Social Engineering Risk


Summary: Securing the information assets of an enterprise has never been so important or so complicated. The past several years have seen a significant increase in the number of security threats and vulnerabilities and significant advancements in attack methodologies with new tools, techniques, and attack vectors being released on a weekly basis. This lively, interactive discussion will review the latest in current vulnerabilities and tools for ensuring security. In this presentation, attendees will learn about the latest attacks, tools, and techniques employed by today's hackers, as well as countermeasures that can help protect against these attacks.

Among the topics of discussion:

1. Social Engineering (Phone Based Attacks, Email and Web Based Phishing Attacks, Physical Entry Attacks)
2. Physical Security (Lockpicking for the Lazy, RFID / Prox Card Cloning)
3. Stories from the field

Jim Broome: Jim Broome, an information security industry veteran with two decades of experience in the field, is a Director of Accuvant’s assessment team and also acts as the technical lead for the Accuvant LABS practice area. Broome has performed innumerable consultative engagements including enterprise security strategy planning, risk assessments, threat analysis, application assessments, network assessments, penetration testing and wireless security assessments for a large number of Fortune 500 clients. Prior to joining Accuvant, Broome was a Principal Security Consultant for Internet Security Systems (ISS) and a member of the X-Force penetration testing team. Before X-Force, he was the Director of Network Operations for, a managed service provider exclusively for credit unions. He also is one of the original authors of several training programs, including Checkpoint Software’s CCSA/CCSE program. Jim is a well-regarded security/technology instructor and mentor to many administrators and IT management organizations. Broome is a Certified Information Systems Security Professional (CISSP), a Checkpoint Certified Security Engineer (CCSE), a NetScreen Certified Security Associate (NCSA), and an ISS-Certified Engineer.