Vincent Matteo is a security researcher and a senior penetration tester at Seven Layers where he focuses on securing small to medium-sized businesses. Vincent is an Air Force veteran as well as a veteran of the technology world with over 30 years of experience -- 20 years of which spent running Seven Layers. Vincent is an author, a previous speaker at Grrcon, BSides, and Snowtalks security conferences, and a recreational bug bounty hunter with 17 CVEs. In his spare time, Vincent drinks copious amounts of coffee, he enjoys petting his two dogs, and when he’s not in front of a computer, he’s out running hundred-mile ultramarathons.
In this talk, we’ll explore the steps an attacker might use to mask their identity, hide their tracks, and we’ll examine some real-world scenarios from over the past year where full compromise had been accomplished through human error, seemingly harmless configurations, and vulnerable products. We’ll then explore avenues for engaging employees and management through gamification and we’ll outline several cost-effective measures to create a more hardened environment.