A social engineering assessment seeks to breach your organization via your employees. A variety of techniques are used to simulate real world attacks, which may include phishing, vishing, smishing, call pre-texting, and even showing up at your office pretending to be someone else.
An effective security program needs to work in layers. Employees may well be the ‘last line of defence’, with them comes thousands of years of human evolutionary traits that attackers will exploit. For us, a social engineering assessment should be used to prevent/minimize the exploitation of those traits leading to serious problems.
Our team will develop a plan based on the client’s objective for the assessment. Depending on the number of employees in scope and the type of testing required, these engagements can take from 1-6 weeks.
Infrastructure will be deployed as necessary and then testing undertaken. Results are analyzed and a full report along with details on remediation provided.
It’s important to note that during social engineering assessments no employees are coerced into illegal activities or anything that could result in a disciplinary issue.