Weaponizing Layer 8 presented at BSidesLuxembourg 2018

by Stefan Hager,

Summary : Do you think users are the weakest link in the security chain? Here is some duct tape to change that, and to raise the bar for social engineers and other attackers alike. Over the last few decades, sysadmins and people working in IT have called users names and generally rolled their eyes at the antics of those allegedly lazy, stupid and uneducated people.From PEBKAC to ID-Ten-T we have been calling them names and didn't want them on our networks. This way of destructive thinking needs an overhaul, and here are some easy tricks on how users can become the valuable asset in corporate security that indeed they should be. Finding creative solutions to existing problems have been a standard skill for red teamers, whereas those defending networks often rely on standards.Discover some creative solutions people have come up with to significantly raise their security - most of them are easy to implement - and how users can become a major asset of any security team.