Hello

Samantha Isabelle Beaumont (@PANTH13R, beaumont.io) is a Dive Master and Senior Cyber Security Consultant whose goal in life is to learn what makes anything tick.

Her primary focus areas are Embedded Systems, Red Teaming, and Network Penetration Testing - with additional focus areas being Vulnerability Research, Architecture, and Digital Forensics.

Sam works extensively with Automotive, Industrial Control Systems (ICS), Internet of Things (IoT), Biometrics, Medical, Consumer and Financial Hardware & Electronic Point of Sale Systems (ePOS). She leads numerous Security Initiatives and Penetration Tests, building several specialised Security Frameworks and training materials along the way.

To discover more, or easily reach out to Sam, be sure to check her LinkedIn or Twitter.

Contact

The easiest methods to contact Sam are by E-Mail, Twitter or LinkedIn.

  • E-Mail E-Mail: hello@beaumont.io

Sam is happy to be contacted for research assistance, opportunities or general connections and networking discussions.

The Frequently Asked

Critical_System_Command: CHANGE_OF_STATE_REQUESTED
Critical_System_Console: FIRST_PERSON_MODE_ACTIVATED

''Where is the rest?''

The Operational Security of my clients is paramount; thus I deliberate on what I disclose here, how, and when. Sometimes, that does mean it may take me a year or two to make any significant updates.

''Opsec is important, but are you willing to be public?''

Short answer: yes. As long as what I am doing has nothing to do with my clients, a contract or their IP, I am all ears.

''Why don't you update your social more?''

Whilst I love it, and would not trade it for an alternative - travelling all over the world and working 24/7 can sometimes make normal life a little harder to keep up with than I can express online. What I can tell you is watch this space; there are many works in the pipeline.

''What do you like to do that isn't InfoSec?''

Travel, Surf, Scuba, Hike, Sail, Race, Game, Bike, Snowboard, Sled....you know, normal, everyday person things. I am an addict for learning. Feel free to contact me here if you want to talk about a skills trade: I can teach you something, and you can teach me something.

''How can we tell you about problems we have found?''

Feel free to use any details you find here as a method for reaching out to me directly. I do my best to respond as fast as I can, but my travel schedule can sometimes throw some wrenches.

Projects

Sam has worked with various InfoSec specialties with numerous clientele and technical solutions; the following table is a censored, disclosable selection of her work:

À-LA-CARTE

Name Description Year
Medical IoT Radio Frequency Analysis of Medical IoT Solutions 2020
Secure Boot Exploitation Reverse Engineering and Novel Exploitation against Secure Boot Mechanisms and Security Software Solutions 2020
Embedded Systems Training Conducted Embedded Systems Classes for Candidates of Penetration Testing Skills Transfer 2020
Financial ePOS Network Penetration Testing on Financial ePOS Deployment Solutions 2019
IoT Training Building Specialised IoT Training, and Corporate Guidance for Enterprise & Home IoT Solutions 2019
ICS IIoTv4 Industrial IoTv4 Penetration Testing and System Review 2019
ICS Critical Safety Solutions ICS Critical Safety Control System Penetration Testing 2019
Smart Home IoT Embedded Testing against Smart Home Control ECU Modules 2019
Consumer ePOS Embedded and Radio Frequency Analysis Penetration Testing against Consumer Electronic Point of Sales 2019
ATMs Full-Scale Testing against Novel ATM Solutions 2019
ICS Enterprise Network Penetration Test on ICS Security Solutions 2019
Remote Key Entry Systems Radio Frequency Analysis on Automotive Remote Key Entry Solutions 2019
Telematic Control Systems Critical Testing of Automotive Telematic Control Systems 2019
Head Unit Systems Testing Automotive Head Units and ECU Subcomponents 2019
Automotive Ethernet Embedded Penetration Testing on Automotive Ethernet ECU Modules 2019
Financial IoT Radio Frequency Analysis on Financial Hardware Peripheral Solutions 2018
Enterprise Remote Access Modules Enterprise Scale Embedded and Wireless Penetration Testing against Financial Hardware Management Systems 2018
Remote Key Entry Systems Radio Frequency Testing against Automotive RKE Solutions 2018
Automotive Training Building and Presenting Specialist Automotive Training for OEMs 2018
Telematic Control Module Testing Advanced Penetration Testing on Automotive Telematic ECU Modules 2018
Head Unit Testing Advanced Penetration Testing on Automotive ECU Modules 2018
Consumer ePOS Electronic Point of Sale Embedded & Radio Testing 2018
Red Team Physical Red Team of Critical Building Security Assets and Incidence Response Test 2018
Automotive Security Building a Specialist Testing Harness for OEMs 2018
Automotive Security Building Automotive Security Framework / Testing Harness for OEMs 2018
Infotainment Unit Testing Conducting Testing on Automotive / Vehicle Hardware Subcomponents 2018
ATMs Full-Scale testing on ATM systems 2017
Radio Frequency (RF) Wireless Testing Wireless Penetration Testing via Software Defined Radio of Peripheral RF Equipment 2017
Wearable Devices Hardware disassembly and Reverse Engineering a wearable fitness tracker 2017
Enterprise Machines Network and Hardware Vulnerability Assessments on Office & Hospitality equipment 2016
Token Tagging Vulnerability Assessment on Entry Tagging Token Systems 2016

Impressive: that was a lot of reading. If you are interested in reaching out to Sam, reach her here.

Publications

Including references to disclosed and pending CVE's, below are a few appearances Sam can share and has made in the public domain.

CVE's & Public Appearances

Type Publisher Year
News Article Bluetooth Security in Contact Tracing 2020
News Article Connected Car Security 2019
CVE CVE-2019-PENDING - Currently in the disclosure and remediation pipeline 2019
CVE CVE-2019-PENDING - Currently in the disclosure and remediation pipeline 2019
News Article IoT Now Transport: Remote Security Dangers in Automotive 2019
CVE CVE-2017-14386 2017
News Article Amplify: Issue 5 - Cyber Resilience 2017
External Blog Synopsys, Inc. 2018
News Article The Herald 2015
Radio Interview Radio Scotland 2014
Television Interview Abertay University 2012