Social Engineering
Social Engineering Assessments
Security breaches of corporate IT networks are often thought to only come as a result of a malicious attack from technically competent computer hackers. However, Social Engineering is increasingly being used to help hackers bypass the initial IT security barriers.
Overly helpful employees lacking security awareness can often be duped into providing access to corporate offices or restricted areas such as IT data centres where the hacker has no authorised access.
Using a mix of methodologies Social Engineering attacks can come via a seemingly innocent telephone call, forged email or physical visits to corporate offices.
How Can We Help?
Pentest People’s Social Engineering testing service experts are adept at discovering and exploiting operational weaknesses in corporate policies and procedures that can unwittingly lead to unauthorised access to restricted systems.
Using the Open Social Engineering Framework methodology, our social engineering assessment consultants can set up a covert Social Engineering project aimed at testing the robustness of your internal systems and provide practical advice on what changes are needed to prevent a real attack succeeding.
The service would be delivered as part of the Pentest People Penetration Testing as a Service (PTaaS) and full access to the SecurePortal and other complementary tools would be provided.