SANS Cyber Defense Initiative® 2020 Live Online: 30+ Interactive Courses | Virtual NetWars Tournaments. Save $300 thru 11/18


To attend this webcast, login to your SANS Account or create your Account.

Your Pen-Test has a Glaring Weakness - Emulating the Attackers Better with Social Engineering

  • Monday, March 10, 2014 at 1:00 PM EDT (2014-03-10 17:00:00 UTC)
  • James Lyne, Dave Shackleford

You can now attend the webcast using your mobile device!



Over the past few years penetration testing has grown by leaps and bounds in being recognized as a key security capability for every enterprise. So too have the capabilities of penetration testers in emulating the high end technical attacks of cyber criminals, hackers or even nation states. Unfortunately, in our experience many organizations are still missing a primary attack vector - one that many attackers have used incredibly successfully over 2013 - social engineering. Gone are the days of sophisticated attackers' social engineering attempts being misspelt, overtly suspicious phishing e-mails (though they will never entirely disappear) and bring on the future of cleverly crafted attacks which ask the user nicely to hand over data.

In this webcast we will discuss the need for social engineering in penetration testing programs, how to avoid the common pitfalls (legal, ethical and technical) and a few top techniques that have a strong history of success from our penetration tests. Learn how awesome social engineering can be and build better awareness of attacks against the human.

Speaker Bios

Dave Shackleford

Dave Shackleford, a SANS analyst, instructor, course author, GIAC technical director and member of the board of directors for the SANS Technology Institute, is the founder and principal consultant with Voodoo Security. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering. A VMware vExpert, Dave has extensive experience designing and configuring secure virtualized infrastructures. He previously worked as chief security officer for Configuresoft and CTO for the Center for Internet Security. Dave currently helps lead the Atlanta chapter of the Cloud Security Alliance.

James Lyne

James is Head of Research and Development and CyberStart Creator at SANS Institute. He is a hands-on, technically advanced security practitioner whose commitment to educating those outside of the industry has led him to create and deliver cyber security training programmes across the world. His extensive technical knowledge combined with an energetic and passionate attitude has meant that he is a frequent industry advisor as well as a respected spokesperson for the industry.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.