Social engineering and intelligence led testing open up the traditional boundaries of an assurance project. Social engineering introduces a human element and intelligence led testing pro-actively seeks out the unknown security weaknesses by expanding test scopes and uses different techniques to overcome the limitations of traditional assurance exercises. The aim is always to consider how the security of systems may be undermined in the real world, where behaviour can be different to that of a more lab-orientated security test.
- Allows you to test the effectiveness of your security awareness training program, or lay the foundation for creating one.
- We agree specific, measurable test objectives tailored to test specific policies and processes within your organisation.
- We use a range of techniques including persuasion and reverse social engineering to gain entry to your site.
- We use different resources to gather information, including corporate website, public search databases, jobsites, dumpster diving, public venues and physical access.
- Final deliverable is a detailed report about the policies that were tested, and the results of each attempt.