BSides Atlanta 2022

GAMBLING WITH SECURITY - Comparing Casino and Slot Machine Security with Corporate Security.
2022-08-27 , Room 460 - "Re-Ignite" track

When I first jumped into the Slot Machines and Casino industry, I was expecting a super airtight security system and procedures. What I found out was shocking. They were just the same as most corporate and government organizations if not worse in some cases. I have taken this on in three different angles as a Pen tester, gaming lab researcher and head of a slot development department.
Regulations for Casinos vary from state to state and mostly focus on financials and player fairness. When it does refer to system security it usually is vague, out of dat. Some gaming vendors take advantage of security testing while other do not and assume they are going to be in air-gapped environment. The trend continues today even with online gambling and wagering systems online.
This talk is meant to be fun as I am often asked; “How do you cheat a slot machine?”. Until now, I have never been allowed to answer and this will be my first public talk on the subject out of many!!

Scott currently leads the security research and development department for Bulletproof, a GLI Company conducting security penetration testing in the gaming and government sectors. Scott is an experienced IT leader and a white-hat hacker with over 25 years of experience. He specializes in the gaming industry with experience in slot system R&D and security operations. During his tenure in the gaming sector, Scott has assisted law enforcement and casino operators with the player and internal employee fraud investigations. Scott holds over 6 patents based on gaming and security and has one on the way for an anti-cheat engine.