Social Engineering Pentesting - Techniques, Considerations, and Ethical Implications

Explore the intricacies of social engineering pentesting in this comprehensive conference talk from NDC Security in Oslo, Norway. Delve into the increasing importance of testing the human element in cybersecurity, particularly through physical pentests and phishing exercises. Examine the ethical considerations and potential psychological impacts on employees subjected to these tests. Learn about the tools and processes used in physical social engineering tests through a detailed walkthrough of a previous engagement. Gain insights into the crucial post-engagement process, including how to create a positive learning environment and avoid blame games. Discover potential pitfalls in handling the aftermath of social engineering engagements and explore proposed solutions to common challenges. Equip yourself with the knowledge to make informed decisions and ask the right questions when considering cybersecurity tests for your organization's employees.