Let Pentest People research, develop and manage an assessment of the security of your people and processes utilising the latest techniques.
Understand the Security Threats posed by your People and Processes.
Perform regular Social Engineering Assessments to understand the threat to your business.
PenTest People can design and perform these Social Engineering assessments on your behalf.
Security breaches of corporate IT networks are often thought to only come as a result of a malicious attack from technically competent computer hackers. However, Social Engineering is increasingly being used to help hackers bypass the initial IT security barriers.
Overly helpful employees lacking security awareness can often be duped into providing access to corporate offices or restricted areas such as IT data centres where the hacker has no authorised access.
Using a mix of methodologies Social Engineering attacks can come via a seemingly innocent telephone call, forged email or by physical visits to corporate offices.
The people and process element of security is often overlooked when allocating budget to Penetration Testing engagements. It is no surprise that attackers are also aware of this and looking at some very high profile attacks it is clear that Social Engineering techniques were utilised by the attackers as a way to extract reconnaissance information or to gain access to physical locations.
Pentest People’s Social Engineering experts are adept at discovering and exploiting operational weaknesses in corporate policies and procedures that can unwittingly lead to unauthorised access to restricted systems.
Using the Open Social Engineering Framework methodology, our consultants can setup a covert Social Engineering project aimed at testing the robustness of your internal systems and provide practical advice on what changes are needed to prevent a real attack succeeding.
Social Engineering, in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional “con” in that it is often one of many steps in a more complex fraud scheme.
Social Engineering is part of an overall Penetration Testing engagement. Traditionally Penetration Testing only assesses systems and infrastructure where Social Engineering is assessing the People and Policies for security weaknesses.
Social Engineering is a very bespoke service and Pentest People are experienced in all aspects of assessments. Due to the bespoke nature, it is best to Get In Touch with us to discuss your exact requirements.
The deliverable from this service is a full Social Engineering Test Report that is uploaded to our SecurePortal and available for you to interact with.
This differs from the competition in the way this is delivered and we believe this is a much clearer way to work with an manage the results of the assessment.