Deviant Ollam

But that was a great day because we, you know, this little Nowheresville facility, they had a really sharp, head of security, who had been coming to DEF CON and Black Hat, watching talks like mine, really investing and upgrading their locks and their access control credentials. And even after that, he's like, oh, you did clone, you made the ESP key. We're going to revamp our backhaul protocols.

But that was a great day because we, you know, this little Nowheresville facility, they had a really sharp, head of security, who had been coming to DEF CON and Black Hat, watching talks like mine, really investing and upgrading their locks and their access control credentials. And even after that, he's like, oh, you did clone, you made the ESP key. We're going to revamp our backhaul protocols.

For a little nowhere factory in nowhere. Nowhere. Not subject to threats and not subject to robber. The most threat they probably have is people trying to break in and, I don't know, steal copper or something. You know, like rural threats are not the same as an urban environment where you have a lot more

For a little nowhere factory in nowhere. Nowhere. Not subject to threats and not subject to robber. The most threat they probably have is people trying to break in and, I don't know, steal copper or something. You know, like rural threats are not the same as an urban environment where you have a lot more

potential risk of different kinds but no this one guy he was really all about it and he took it to heart he taught he had a lot of buy-in from management and everyone was just they were pleased and proud of their people we told them keep investing in your people they like it here make sure they keep liking it here because they are the best line of defense that we've ever come across you were caught um do you consider this a caught do you consider this a fail does this is this the only time you've ever been caught or have you been caught before

potential risk of different kinds but no this one guy he was really all about it and he took it to heart he taught he had a lot of buy-in from management and everyone was just they were pleased and proud of their people we told them keep investing in your people they like it here make sure they keep liking it here because they are the best line of defense that we've ever come across you were caught um do you consider this a caught do you consider this a fail does this is this the only time you've ever been caught or have you been caught before

I will consider it a caught. I won't consider it a fail because if you're doing your job right, this is the best success you could have. We got caught for all the right reasons, and I'd like to get caught like that much more in the future by companies that have employees that... actually care about what's going on.

I will consider it a caught. I won't consider it a fail because if you're doing your job right, this is the best success you could have. We got caught for all the right reasons, and I'd like to get caught like that much more in the future by companies that have employees that... actually care about what's going on.

The only way you get that is if you have a real nice environment where you're treating people well, not just as meat grinding through the mill, right? You actually have to make people want to work there by rewarding them, by paying them properly, by giving them real benefits. That's the only time we've been caught and didn't bluff our way out of it, talk our way out of it.

The only way you get that is if you have a real nice environment where you're treating people well, not just as meat grinding through the mill, right? You actually have to make people want to work there by rewarding them, by paying them properly, by giving them real benefits. That's the only time we've been caught and didn't bluff our way out of it, talk our way out of it.

Most of our jobs, we get a list of sensitive assets or sensitive areas from the client. And we say, what, you know, would accessing this asset or being in this space represent a severe breach? Would a bad actor in this space have the ability to severely compromise operations or cause severe impact? Once you have that list of assets, you formulate a series of attack chains.

Most of our jobs, we get a list of sensitive assets or sensitive areas from the client. And we say, what, you know, would accessing this asset or being in this space represent a severe breach? Would a bad actor in this space have the ability to severely compromise operations or cause severe impact? Once you have that list of assets, you formulate a series of attack chains.

You sit with your team after a lot of recon, and you say, all right, so do we think it's smart enough to go to this one first, or should we try to go through this one? We've identified where these assets are, which parts of the buildings and the grounds. Okay, so which team is best suited to position here, here, here? And you come up with a plan. And if one team gets burned,

You sit with your team after a lot of recon, and you say, all right, so do we think it's smart enough to go to this one first, or should we try to go through this one? We've identified where these assets are, which parts of the buildings and the grounds. Okay, so which team is best suited to position here, here, here? And you come up with a plan. And if one team gets burned,

You'll say, okay, well, that team is – all right, they might have gotten noticed, might have not. Let's pull them back. Let's get off campus. They just became Overwatch. They're running a drone. They're running long-range cameras. They're back at the base on radios. Let's put another team in. We do a lot of rotating out of rental cars where you go back to Hertz or National or somebody.

You'll say, okay, well, that team is – all right, they might have gotten noticed, might have not. Let's pull them back. Let's get off campus. They just became Overwatch. They're running a drone. They're running long-range cameras. They're back at the base on radios. Let's put another team in. We do a lot of rotating out of rental cars where you go back to Hertz or National or somebody.

You say, oh, this car is pulling to the left a little bit. They say, we have another one. We said, do you have a different model, maybe a really different color? Because if somebody's seen that weird car in the parking lot. So there was a job like that. It was meticulous. And we had, it was a large job. There were probably three or four different field teams at any given time of pairs of people.

You say, oh, this car is pulling to the left a little bit. They say, we have another one. We said, do you have a different model, maybe a really different color? Because if somebody's seen that weird car in the parking lot. So there was a job like that. It was meticulous. And we had, it was a large job. There were probably three or four different field teams at any given time of pairs of people.

This job was the kitchen sink, man. This job had case upon tons of Pelican cases shipped in. It was close enough that I could, it was many states away from where I was at the time, but I was living in Montana. I just said, I'll drive. If the budget's there for me to draw, I'll make it a couple day drive. And my truck was, I mean, we brought the works, man. We had a 3D printer in the Airbnb.

This job was the kitchen sink, man. This job had case upon tons of Pelican cases shipped in. It was close enough that I could, it was many states away from where I was at the time, but I was living in Montana. I just said, I'll drive. If the budget's there for me to draw, I'll make it a couple day drive. And my truck was, I mean, we brought the works, man. We had a 3D printer in the Airbnb.