Social Engineering Assessment
What is Social Engineering?
In the context of information security Social Engineering is the art of manipulating people to perform an action or divulge information they would not normally do or divulge.
Criminals try to trick people into giving them login details, access to computers, financial information and access to buildings or systems.
Criminals using social engineering techniques exploit our natural inclination to trust rather than finding a vulnerability in a software or system to gain the access or information they want. Some of the techniques include Phishing, Bating, Tailgating and Pretexting.
Are your employees able to identify Phishing attacks and report them?
How easy will it be for attackers to use social engineering to compromise your systems?
Why Choose Us For Your Social Engineering Assessments
Our testers are certified and highly experienced, ensuring our approach aligns with industry-best practice, avoids system disruption and protects the integrity of your data.
Partnering with us will allow your organisation to:
Achieve Greater Awareness
You will gain a greater awareness of the information that attackers will be able to obtain that is in the public domain.
Reduce Risk
With social engineering attacks on the rise, social engineering penetration testing will help your organisation mitigate one of the most significant risks you are likely to face.
Effectiveness of Security Controls
By employing our services you will be able to measure the effectiveness of your security policy and controls to identify, prevent and report social engineering attacks.
Security Gaps and Training
You will be able to identify security gaps within your controls and the training needs of your employees.
Our Methodology
01 Scoping
Our experts work with you to define the targets (names, email, phone numbers, departments, location) and the goals. It could also be a zero-knowledge enganement.
02 Reconaissance
We use the latest intelligence gathering techniques to uncover freely available security information that could be used to help us achieve the objective.
03 Pretexting
At this stage we put the information we gathered to together to create a story, email templates, costume, cloned cards
04 Exploitation
To obtain initial access to your network, our experienced network penetration testers exploit all identified vulnerabilities, but in a safe way that avoids damage and disruption.
05 Reporting
Once an assessment is complete, our consultants document key findings and supply prioritised remediation guidance to help address any identified exposures.
06 Debrief
We give you an overview of the assessment. If more details are required, we can talk specifically about the details.