Description
Course info
Rating
(82)
Level
Beginner
Updated
February 12, 2016
Duration
1h 2m
Description

Despite how robust computer security may be, there remains a serious threat within any system: the people using it. Social engineering is an enormously powerful technique which exploits human weaknesses such as greed, fear and even attributes we consider positive such as sympathy and generosity, in order to compromise security systems and give an attacker access to sensitive information. In this Play by Play, Troy and Lars discuss various techniques that adversaries use to coerce their targets into performing actions that they wouldn't normally do. These range from very simple techniques that even your kids use, to sophisticated human manipulation practices designed to compromise large scale systems.

About the author
About the author

Troy is a Software Architect, Microsoft MVP for Developer Security and ASPInsider. He's a regular conference speaker, frequent blogger at troyhunt.com and is the author of the OWASP Top 10 for .NET developers series and the free eBook of the same name.

More from the author
Play by Play: Azure Beyond Websites
Beginner
1h 16m
14 Apr 2017
More courses by Troy Hunt
About the author

Lars is an author, trainer, Microsoft MVP, community leader, authority on all things Windows Platform, and part time crocodile wrangler. He is heavily involved in the space of HoloLens and mixed reality, as well as a published Pluralsight author, freelance solution architect, and writer for numerous publications.

More from the author
Play by Play: Xamarin Mobile Development
Intermediate
1h 17m
17 Mar 2017
More courses by Lars Klint
Transcript
Transcript

Hi, this is Troy Hunt, and in this play by play course you're going to see my good mate Lars Klint and I cover a heap of social engineering practices. You're probably already familiar with what social engineering is, even if you perhaps don't know it by that term. So, for example, if you see advertisements, you inevitably see social engineering. If you have kids like Lars and I, you probably see them attempt to socially engineer you many times over. We may not know it by that term, but both of those are great examples of psychological manipulation, which is what we're really talking about with social engineering.

You're probably also familiar with social engineering if you've ever received spam, particularly the kind that tends to come from Nigerian princes with large amounts of money that they want to exfiltrate with your help. They just need a few funds to get started. When it comes to social engineering in information systems, humans are the weak link, and social engineering attempts to exploit our flaws, flaws like greed and curiosity and even other attributes of our personalities that we'd normally consider to be very positive, so things like sympathy and courtesy. They're both behaviors that an adept social engineer is very good at exploiting.

Even the best protected systems can come undone when you put fallible humans into the mix, and often we become the weakest link. And in this play by play course you're going to see Lars and I take you through a number of different social engineering tricks which attackers have become very good at using in order to compromise both people and systems. We had a lot of fun creating this play by play course, and we hope you enjoy watching it.