Getting the most out of your covert physical security assessment - A Client’s Guide

DerbyCon 9.0 - Finish Line

Presented by: Tim Roberts, Brent White
Date: Friday September 06, 2019
Time: 16:30 - 17:00
Location: Stable Talks

As physical penetration testers, it's important to have that discussion with clients to help them understand what makes the most sense to include in physical security and social engineering assessments. Just like any other assessment type, there is often confusion with what's needed, verses what is realistic for their budget, deadlines, etc. This talk helps clients to understand the different physical assessment types, what's involved, what to ask for, as well as what things may or may not be necessary for your environment. Through this, we're hoping to take some of the guesswork out of your planning and budget requests to help you get the most out of your next physical and social engineering assessment.

Brent White

Tim and Brent are Senior Security Consultants within NTT Security’s Threat Services group with focus on physical intrusion, social engineering, and covert entry. Their experiences with traditional/non-traditional penetration testing techniques include network, wireless, social engineering, application and physical testing. These techniques have led to highly successful Red Team assessments against Corporate and Federal environments. By sharing their experiences, they hope to continue to contribute to the InfoSec community.

Tim Roberts

Tim and Brent are Senior Security Consultants within NTT Security’s Threat Services group with focus on physical intrusion, social engineering, and covert entry. Their experiences with traditional/non-traditional penetration testing techniques include network, wireless, social engineering, application and physical testing. These techniques have led to highly successful Red Team assessments against Corporate and Federal environments. By sharing their experiences, they hope to continue to contribute to the InfoSec community.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats