What the Hack? Episode 214: DEF CON Redux with Rachel Tobac!
Aug 26, 2025
Rachel Tobac, CEO of SocialProof Security and a social engineering expert, dives into the often-overlooked vulnerabilities of human behavior in cybersecurity. She shares how becoming a harder target can deter attackers. From the fascinating art of social engineering to the ethical dilemmas of penetration testing, Rachel discusses modern threats like AI voice cloning. Learn practical strategies to minimize your digital footprint and safeguard your personal information from savvy cyber threats.
AI Snips
Chapters
Transcript
Episode notes
From DEF CON Novice To Social Engineer
- Rachel Tobac started social engineering after trying DEF CON's live booth and placed second three years running.
- Companies approached her to train teams, which led to founding SocialProof Security in 2017.
Rapport Is A Scalable Performance
- Social engineering is essentially rapid rapport-building like improv, turned into a spectator sport.
- The audience participates and celebrates the performers, which improves attackers' craft.
Test Protocols By Mimicking Real Attacks
- Update protocols by imitating real criminal tactics to see what actually works and fails.
- Train teams to recognize low-tech phone attacks and link public info to phone-based exploitation.