Social Engineering Assessments
Security breaches of corporate IT networks are often thought to only come as a result of a malicious attack from technically competent computer hackers. However, Social Engineering is increasingly being used to help hackers bypass the initial IT security barriers.
Overly helpful employees lacking security awareness can often be duped into providing access to corporate offices or restricted areas such as IT data centres where the hacker has no authorised access.
Using a mix of methodologies Social Engineering attacks can come via a seemingly innocent telephone call, forged email or physical visits to corporate offices.
Listen to one of our Social Engineering experts
breakdown this Pentest People Service

What are the Risks?
The people and process element of security is often overlooked when allocating budget to Penetration Testing engagements. It is no surprise that attackers are also aware of this and looking at some very high profile attacks it is clear that Social Engineering techniques were utilised by the attackers as a way to extract reconnaissance information or to gain access to physical locations.

How Can We Our Social Engineering Security Services Help?
Pentest People’s Social Engineering testing service experts are adept at discovering and exploiting operational weaknesses in corporate policies and procedures that can unwittingly lead to unauthorised access to restricted systems.
Using the Open Social Engineering Framework methodology, our social engineering assessment consultants can set up a covert Social Engineering project aimed at testing the robustness of your internal systems and provide practical advice on what changes are needed to prevent a real attack succeeding.
The service would be delivered as part of the Pentest People Penetration Testing as a Service (PTaaS) and full access to the SecurePortal and other complementary tools would be provided.
Assess the security of your Businesses People and Processes
People & Processes
Within all businesses they are more threats to your infrastructure than cyber threats, your people and processes also play a major role.
With the Social Engineering Assessment you will understand the Security Threats posed by your People and Processes.
Consistent Assessments
Perform regular Social Engineering Assessments to understand the threat to your business.
Pentest People can set up a regular plan allowing consistent assessments so your security won’t falter.
Design & Perform
Pentest People can design and perform these Social Engineering assessments on your behalf.
With years of experience from multiple backgrounds we can set-up a thorough test that reviews multiple factors within your people & processes.
Social Engineering Overview Transcript
The Pentest People’s team of social engineers are on hand to accurately model how real-life threat actors go after your business. These social engineers are well versed in performing these sorts of engagements. By modelling local businesses or even well-known suppliers of yours, it’s possible to craft a campaign that is likely to trick your users into clicking on links. This isn’t a form of gotcha exercise this is so you can accurately inform your users how to prevent them from falling victim to these sites’ types of attacks when they happen in the real world either by focusing on keys to the kingdom in the form of office 365 credentials or indeed credentials to your CRM, or indeed trying to get users to download documents with malicious intact attachments, and execute them. In all of these cases, pentest people are on hand to provide a custom-tailored social engineering engagement that will teach you exactly how you’d react in the real world.
Key Benefits
Understand how your security posture can be affected not only by your infrastructure but also by your trusted employees.
- Identify Security Vulnerabilities within your People and Processes allowing you to proactively remediate any issues that arise
- Improve your security posture, allowing you to reduce the threat of a cyber attack occurring against your business
- Comply with various regulatory bodies who mandate regular Social Engineering Testing be performed within your infrastructure
- Be able to prove to your supply chain that you are taking the necessary precautions to ensure your strong security posture
- Be able to focus efforts on important security issues by identifying the high-risk items identified in the Social Engineering report
Frequently
Asked Questions About Social Engineering Penetration Testing
How does Social Engineering differ from a Pen Test?
What types of Social Engineering can you offer?
What is the deliverable from the service?