
DEF CON Training
Chris Forte - Offensive Physical Security and Access Control $1,400
Training description:
Offensive Physical Security and Access Control offers a comprehensive review of various physical security controls, how they are leveraged in the scope of both residential and commercial environments, how these controls can be exploited, and how we can improve our overall security with this information in mind. Starting with the basics of various types of controls and solutions (locks, doors, windows, gates, digital locks, access control systems, etc.), we seek to understand how they work at a fundamental level and how they can be integrated into more complex systems. With an understanding of these devices, we will then look at how various bypasses exploit gaps between these controls within an interconnected system and how we can work towards mitigating these risks. Through the introduction of an adversarial mindset, we will learn how security can be compromised by the various tactics used by attackers.
To start the course, students will gain hands-on experience bypassing controls through lock picking and bypass attacks that target vulnerabilities within specific types of locks. This hands-on experience will drive a deeper understanding of our most fundamental security devices and pave the way for a broader understanding of how to attack, and therefore defend, more complicated systems and solutions. Throughout this introduction, a mindset will be introduced that approaches each control as a puzzle and tries to place the students in the shoes of an attacker.
As the class moves on, additional security risks will be shown and more complex environments introduced. To end the course, we will review the process of auditing a system, leveraging various sources of information to plan an attack, exploiting specific controls, and putting these concepts into the scope of physical red teaming or penetration testing.
Students will leave with a better understanding of considerations when protecting both their personal property and commercial facilities. Some of the concepts and skills presented include the following:
- Legal considerations when dealing with security research
- Various types of locks and associated vulnerabilities
- Abusing locks in the scope of a larger system
- Attacking systems as a whole and identifying the root causes of the vulnerabilities
- Security ratings and certifications
- Locksmithing from a “hacker’s” perspective
- General security concepts
- Residential and commercial security concerns and attacks
- Covert vs destructive entry
The intent of this course is to drive awareness of various vulnerabilities in commonly utilized security products and provide a path forward to reduce or manage your attack surface. This practical approach to security will give you the confidence and capability to assess the effectiveness of various security controls and enable you to make more informed decisions when securing an environment.
Course overview:
I. Introduction (1 hour)
A. About Me
1. Professional background
2. Personal motivation for security awareness
3. Community outreach and involvement
B. Legal Disclosure
1. Rules of lock picking and locksport
2. Laws around different types of tools
3. Legal implications of skills taught
C. Class Introductions (gathering an idea of intent and interest)
1. Backgrounds
2. Concerns
3. Reasons for attending
D. General Introduction to Physical Security
1. Where do we encounter it?
2. Residential Security Intro
3. Commercial Security Intro
4. Cybersecurity and relationship to Physical Security
E. Course overview
1. Review concepts in class
2. Provide some background to the structure of the course
II. Locks
A. Different types of locks (1 hour)
1. Warded Locks
2. Pin Tumbler
i. Classic non-removable cores
ii. Interchangeable cores
3. Tubular Locks
4. Dimple Locks
5. Wafer Locks
6. Disk Detainer Locks
7. Other High Security Locks
i. Master keyed systems
ii. Magnets!
iii. Sidebars, biaxial pins, security pins, and other high security features
iv. Cross or cruciform locks
v. Lever tumbler locks
8. Electronic Locks
9. Combination Locks
10. The other stuff
i. Handcuffs and restraints
ii. Zip ties and tamper resistant devices
iii. Etc.
B. Different use-cases of locks (1 hour)
1. Padlocks
i. Locking mechanisms (ball bearing vs spring loaded)
ii. Layers of protection
iii. Different applications of padlocks
2. Deadbolts
3. Mortise Locks
4. Core / lock formats
i. SFIC, LFIC, KiK, etc.
5. Electronic locks
i. Introduction and current landscape
ii. Watch for mechanical overrides
6. Safes
i. Electronic, dial, keyed
C. Supporting Features (30 min)
1. Latches
i. Security features like dead latches
ii. Bypassing latches
a. Magnets, slipping, and poor door fitment
2. Hinges
3. Levers
i. Safety standards and considerations
ii. Under-the-door
iii. Over-the-door
4. Thumb-turns
i. There's a device for that
D. Lock Ratings and Certifications (30 min)
1. ANSI, BHMA, UL, CEN, BSI, etc.
2. How certifications are handled
3. What does this mean for us (criminals vs the rest)
E. Re-keying Locks (30 - 60 min)
1. How do we change keys and rotate access
2. Repinning cores
3. Key cutting
F. Lock vulnerabilities (3 hours)
1. As seen on TV
2. Picking
3. Bypasses
4. Common attacks
i. Bumping, over-lifting, zip picking, tubular picks, pick guns, and more
5. Destructive entry
i. Review differences between covert, destructive, and surreptitious
ii. Fun ways to break a lock
6. Decoding
7. Impressioning and key making
i. Pulling keys from images
ii. Casting keys
iii. 3D printing keys
8. "Default" keys and credentials
i. "Standard" keys you can buy
9. The other stuff
i. Imaging lock cylinders
ii. Sound analysis to reverse keys
iii. Impact and vibrations
iv. Making your own tools
III. General Physical Security Concepts (1.5 hours)
A. Defense-in-depth
B. Risks, Threats, Vulnerabilities
C. Balancing cost with risks
D. Additional concepts applied to both cybersecurity and physical security
1. Threat Modeling
2. Breaking things correctly (failing in your favor)
3. A less technical approach to policies, procedures, and guidelines
4. Pentesting vs Red Teaming
i. A personal take
5. Install with caution
E. Security vs Safety
1. Consider safety, fire code, and other regulations trying to protect you
F. Social Engineering
1. How the weakest part of your lock could be the people
2. Relevance to physical security
3. Information disclosure (or leakage) and OSINT
i. Knowing what others know
______
NOTE: Section three will end the first day and be reviewed on the second day to give more context to the second day's topics.
______
IV. Residential Security (1 hour)
A. Overview of different "controls" used within a home
1. Doors
i. Revisit locks in the context of your home
2. Garages
i. Physical and digital considerations
3. Windows and sliding doors
4. Cameras and Alarms
i. Networked devices
5. Perimeter and surrounding property
6. IoT and Network Security
i. Brief mention and relevance to your physical security
ii. Brief relevance to mobile credentials and RFID
B. Basic Car Security
1. Don't give criminals the keys to your house
2. General considerations
C. Breaking down effectiveness of different features
D. Bypassing various residential security systems
E. Increasing security with vulnerabilities in mind
1. Reinforcing your home
F. Planning for controls to fail
G. Don't over-engineer the lock surrounded by glass
1. Consider the weakest link
V. Commercial Security (2 hours)
A. Controlling access
1. Managing access to a larger group of people
2. Revisit master keyed systems
3. Digital access control
i. Badges, codes, and biometrics
ii. Protocols for access control systems
B. Different areas of interest within a facility
1. High-valued targets you might not expect
C. Bypassing and attacking access control systems
1. Badge readers and RFID
i. Man-in-the-middle attacks
ii. Stealing credentials
2. Digital credentials and Bluetooth
i. Apps, the cloud, and fobs, oh my!
3. Keyed systems
i. Attacking master key systems
4. Motion sensors
5. Magnetic locks and other electronic latch systems
6. Crash bars and emergency exits
D. Mitigating some of our bypasses
1. How to make your access control systems stronger
E. Revisiting cost
VI. Security While Traveling (30 min)
A. A few things to consider while traveling
1. Biometrics, device security, checked bags, etc.
B. Hotel rooms
1. Doors
2. Safes
C. TSA locks
VII. Honorable Mentions and Summary (1.5 hours)
A. Honorable mentions
1. Tamper resistant devices and products
2. Security screws
3. Gates and vehicle barriers
B. Advancements in Security
1. Transitioning to convenience
i. Convenience in the scope of home owners, landlords, employees, manufacturers
2. Moving to a digital world
i. Smart devices
3. The cloud
C. Mock red team engagement
1. Context as to why we want this mentality
2. Information gathering
3. Planning and getting prepared
i. Scope, intent, targets, keeping proof of interactions, expectations, etc.
4. Different approaches to your behavior
i. Do you look like you should be there or are you in a tactical uniform?
5. The Engagement
6. Reporting and Remediation
D. Summary and Closing Remarks
VIII. Assessment of Skills Learned (30 - 60 min)
A. Basic lock picking challenge
B. Multiple choice assessment of basic concepts
IX. Questions, Comments, Concerns (1 hour)
A. Any questions or topics associated with the content
B. Where to go for more information
C. Communities engaged in security
______
# Schedule Overview:
## Day 1:
- Introductions (about 1 hour)
- Locks and traditional security products
- Info, theory, and overviews (2 hours)
- Lunch Break (30 - 60 min)
- Locks (continued)
- Picking tools and overview (30 min)
- Lock picking and bypasses (2 - 3 hours)
- Hands on
- General Security Concepts (30 - 45 min)
- End of Day One
- Summary and closing thoughts (15 - 30 min)
## Day 2:
- Overview of day 2 (15 min)
- General Security Concepts (30 - 45 min)
- Finishing up concepts and review before rest of content
- Residential Security (1 hour)
- Commercial Security (2 hours)
- Lunch (30 - 60 min)
- Honorable Mentions
- Travel and associated security devices (30 min)
- Tamper resistant devices and products (30 min)
- Other (15 min)
- Mock Red Team Engagement
- Tabletop exercise (1 hour)
- Assessment of Skills (45 - 60 min)
- Questions, Comments, Concerns
- Where to go next (15 min)
- Last minute questions (30 min)
______
Technical difficulty of the class and any required experience or skills:
- Intermediate difficulty
- Students should have some exposure to general security concepts.
- Various hands-on skills will require some hand-eye coordination and ability to manipulate small tools and parts
Student skill level:
Intermediate
What should students bring to the Training?:
No prerequisites are required. Students can bring their own locks, tools, or questions to address as a class. Online lock picking resources can be referenced in preparation, but these topics will be covered in class.
Bio:
Christopher Forte is a security researcher, technology enthusiast, and cybersecurity professional. With experience ranging from software development to physical red teaming, he is passionate about keeping security and various forms of engineering at the center of his focus. Christopher leads his local TOOOL chapter and is a co-founder of the DC702 group.
Trainer(s) social media links:
- twitter.com/chris__forte
- linkedin.com/in/itschrisforte
DATE: August 14th-15th 2023
TIME: 8am to 5pm PDT
VENUE: Caesars Forum, Las Vegas, NV
TRAINER: Chris Forte
- 16 hours of training with a certificate of completion.
- 2 coffee breaks are provided per day
- Note: Food is not included
Registration terms and conditions:
Trainings are refundable before July 1st; the processing fee is $250.
Trainings are non-refundable after July 10th, 2023.
Training tickets may be transferred. Please email us for specifics.
Failure to attend the Training without prior written notification will be considered a No-Show. No refund will be given.
By purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.
DEF CON Communications, Inc.
1100 Bellevue Way NE
8A-85
Bellevue, WA 98004