Social engineering (or confidence trick) services delivered by ethical cyber security professionals.
Nettitude delivers highly tailored social engineering testing engagements, designed to help assist organizations increase their security posture and reduce the risk of insider threat attacks.
Request a free quote
LOOKING FOR SOCIAL ENGINEERING TESTING SERVICES?
What is social engineering?
The phrase Social Engineering; covers a multitude of different types of tests, ranging from services conducted over the Internet, through to services over the phone or physically on site.
Nettitude strongly believes that an element of Social Engineering should be conducted in all Penetration Tests, due to the fact that humans are involved in all security processes.
To focus on the technology alone, results in an incomplete test. The intent behind a Penetration Test should be to identify the risk that is presented by a certain type of asset, connection or activity. Therefore, to fully address all of the elements that feed into that risk, Nettitude genuinely believe that human aspects need to be considered.
Social Engineering and Spear Phishing Scam Services
Some of the more high-profile security breaches that occurred in 2012 were instigated through social engineering exploits. Users were targeted through spear phishing scam emails, and through clicking on a link, opening an attachment or browsing to a website, provided a backdoor into the corporate environment for an attacker to exploit. Through conducting spear phishing attacks and other social engineering tests, an organization can get a feel for how susceptible its employees are to compromise.
In almost all instances employees will provide the weakest link in an organization’s security arsenal. As a consequence, social engineering tests that feed directly in to security awareness training programs provide a direct mechanism for organisations to tackle this vulnerability.
The Human element will always pose a risk to organizations, however through considered social engineering and targeted security training, organizations can help to reduce the risk of employees exploited through malicious content.