Social Engineering

Social engineering is a professional and in-demand skill. Those good at it easily charm, coerce, induce and con others into disclosing information that compromises the security of your systems. Their objective is always to gain unauthorised access to systems or information in order to commit fraud, industrial espionage, data theft, or simply to disrupt business.

Our Social Engineering Assessments test specific policies and processes within your business. They provide an excellent way for you to analyse the effectiveness of your security awareness program, or to lay the foundation for creating one. Typically they include information gathering services such as public search databases, job sites, dumpster diving, email spoofing, targeted phishing, phone-based pretext calling, targeted social infiltration, and on-site social engineering to confirm that your staff are adhering to your defined policies, that general security awareness exists, and that your infrastructure is protected from social engineering attacks. Once we are inside, we are free to operate as you instruct us to.

We deliver:

  • A detailed report for your Executive, Management and Technical audiences
  • Identification of good practices found in the environment along with weaknesses
  • Prioritized results sorted by severity of risk
  • Recommendations on how to fix weaknesses and reduce your risks based on best practice, our experience and your unique business requirements
  • Guidance on ways to ensure compliance with regulations and industry mandates
  • Briefing session with your chosen team to guarantee understanding