Why DLP Won't Save You: The Poison Was in the Glass, Not the Drink

Presented at ToorCon San Diego 13 (2011), Oct. 9, 2011, 12:30 p.m. (20 minutes)

I had some time before the contest to put together a report on my findings, having followed the rules which dictated that I was forbidden from contacting the actual target company. All of the interesting stuff happened during the one night I went full-bore and stayed up until 5am feverishly slurping documents down from the intertubes and pumping them into FOCA for their juicy meta data. I know you've probably heard "Yeah there are tons of juicy tidbits of data you can find", but even I was surprised to see some of this stuff.

Presenters:

  • Dan Tentler / Viss as Dan Tentler
    So I've spent the last few years talking to people about social engineering and kinesics, and trying to educate folks about how these things come into play when dealing with information security. This year at DefCon I enlisted myself into the social engineering capture the flag contest. I wasn't the winner but the time I spent doing recon showed me several things that really raised my eyebrows, and I'd like to share those things. This year my talk WONT be in comic sans! :D Bring a beer and join me!