> Volexity now determined the attacker was connecting to the network via wireless credentials they had brute-forced from an Internet-facing service. However, it was not clear where the attacker was physically that allowed them to connect to the Enterprise Wi-Fi to begin with. Further analysis of data available from Organization A’s wireless controller showed which specific wireless access points the attacker was connecting to and overlayed them on a map that had a layout of the building and specific floors.
This is the kind of hackery I'd enjoy seeing in a blockbuster movie.
I think Ubiquiti have that built into their AP/network management software. You can define a floorplan and drop your APs into it to understand dead zones etc, and you have granular data on which clients are connected to which APs