Social Engineering Penetration Testing Services
Social Engineering focuses on identifying and validating vulnerabilities associated with your employees’ awareness and ability to follow documented procedures, policies and security best practices. It is sub-class of our penetration testing
Example Case Study:
- Whilst conducting an email social engineering test, our consultant engineer sent a link to a new web-based email system supposedly set up by your IT. The site was a custom built application by Minatio that was designed to steal user credentials. We received many responses from employees, which was worrying and highlighted the need for employee awareness and vigilance in this area.
Social engineering penetration testing this can be performed in two ways both phishing and physical:
- Phishing testing is a testing method which will test your companies employee security policies, their awareness and training levels. It also tests the data leakage levels of your organization through phishing emails. This is a very valuable test, for when encountering a secure external network this will be an adversaries favored choice of approach and your employees need to have the skills and knowledge to be your companies first line of defense.
- Physical testing will also test your employees in a different way. A skilled professional social engineer with a scope and permission will try to gain entry to your secure facilities with the eventual target of connecting to your internal network. This will test both your office and security staff and your physical security defenses. This is a great way to test your physical security expenditure and to gain assurance that your building is a safe and secure environment to work and conduct business in.
See below for more information.