Episode 109: Ethical Social Engineering

Even the best pentesters out there can be fooled by a social engineering attempt under the right circumstances. But how do we treat the ones that have been tested and failed?

Ragnhild «Bridget» Sageng, Senior Security Advisor at Norwegian Customs, has several years of experience in the IT and cybersecurity industry, and hands-on experience working as an ethical hacker specialising in social engineering.

In her conversation with Robby, she shares what goes through her head during social engineering assignments, and discusses the importance of company culture and management expectations when doing these kinds of assessments.

Ragnhild is particularly interested in the other side of social engineering and how we should meet the humans who are involved in these assignments. During this episode she explores what ethical responsibilities we have, what a pentester should demand from a company before accepting an assignment, and what a company should demand back from a pentester.