This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Monday, June 15 • 12:45 - 13:15
NextGen Pentesting: Mobile, Cloud and Internet of Things

Sign up or log in to save this to your schedule and see who's attending!

Cloud backups and getting access to enterprise information on smartphones and tablets (now even watches and sunglasses) adds a ton on convenience, but as a slew of celebrities recently found out, the added functionality doesn’t come without its share of risk. If the door locks are hooked up to the network such that the head of physical security can let someone in in an emergency from the comfort of his home, that will be awesome for his home life, but what does having physical controls in Active Directory mean for an attacker? As penetration testers, we are tasked with simulating an attack and discovering vulnerabilities from missing patches to employees who click on weird links in emails. What are the new risks that our new enterprise network landscapes bring with them? And how can we effectively test for them? In this talk we will look at some of the vulnerabilities introduced by the introduction of mobile, cloud, and Internet of Things as well as testing techniques and methodologies to bring these pieces into our enterprise security assessments.  The talk will include demonstrations of attacks and suggestions for remediation. 

avatar for Georgia Weidman

Georgia Weidman

Bulb Security
Georgia Weidman is a penetration tester, security researcher, and trainer. Her work in the field of smartphone exploitation has been featured in print and on television internationally. She has presented her research at conferences around the world including Shmoocon, Hacker Halted, Security Zone, and Bsides. Georgia has delivered highly technical security training for conferences, schools, and corporate clients to excellent reviews.

Monday June 15, 2015 12:45 - 13:15
Room 2