HF 2022 - Appel aux conférences

Vos préférences linguistiques ont été sauvées. Nous pensons que nous avons une bonne traduction française, mais si vous rencontrez des problèmes ou des erreurs, veuillez nous contacter !

Up Close & Personnel
30 oct. , 09:00–09:50 (Canada/Eastern), Track 1
Langue: English

You work hard to defend against internet based threats but how prepared are you when the attacker is on the literal doorstep? This session will provide a better understanding of the onsite attack surface and some of the more common, practical attack techniques that can result in a difficult to detect network compromise. Attendees will gain a better understanding of the role of Information Security as it pertains to Physical Security and be better equipped to identify gaps in their defenses before they are exploited.


Title/Bio Slides - Indicating the presentation an providing brief professional background

Talk Topic Slide - Discussing the issue presented, listing areas that will be covered, setting framework for the audience.

Perimeters - Discuss the onsite perimeter types and the difference between attacker and defender understanding of perimeters
-Wireless Perimeters
-Physical Perimeters
-Social Engineering Perimeters

Risk - Discuss the attacker's approach to risk in relation to executing onsite attacks.

Attacks - Cover the attacks available against the different perimeters
-Wireless Client
-Wireless Infrastructure
-Other wireless devices
-Bypassing Physical Controls
-Defeating Physical Controls
-In-person Social Engineering

Hybrid Attacks - Leveraging multiple tools and techniques to execute a complete attack.

Remediation - Suggestions, warnings of common pitfalls and a call to action.

Q&A/Exit Slides

Majority of the time is spent on the different attacks, followed by understanding the onsite attacker mindset


Est-ce que vous publiez un outil? – non Est-ce que cette présentation a déjà été donnée? – oui

Chris Carlis is an unrepentant penetration tester with an extensive background in network, wireless and physical testing. Across his career, Chris has worked to expand the value offensive testing provided via open communication and goal driven engagements. These experiences lead Chris to co-found Dolos Group with a focus on Red/Purple Teaming, security education and training. Additionally, Chris has presented at a variety of conferences, including Thotcon, Hushcon, Hackfest, FS-ISAC, and various B-Side events. He is a perennial volunteer at the Thotcon conference in his native Chicago and helps to organize multiple Chicagoland “BurbSec” information security monthly gatherings.