The Human Element is Your Weakest Link

It’s true for almost every company. Only frequent Social Engineering (SE) and Phishing assessments can help, and we’ve seen a significant improvement year after year for our customers that repeat testing. With or without a formal training session, your employees will take it upon themselves to improve after being breached by our team. They will learn first hand what to look for, and how significant the damage can be after being breached.

Our Competition Quits Work Early

We’re not kidding - most Social Engineering vendors consider the job complete after gaining a password or getting physical access inside the building. At that point, we’re just getting started. For Physical SE, we attempt to breach the internal network using a small device planted in the office for persistent connectivity. We’ll continue all of the way to Domain Administrator if it’s possible. For Remote SE engagements like phishing or cold calling, we’ll utilize any captured credentials and attempt to gain access to internal resources. Then we’ll pivot to other systems and aim for administrative control of the environment.

Why? A true (and safe) simulation of a security breach most effective way to demonstrate the potential harm that could be done, and these proven events provide significant credibility in driving awareness throughout the organization.

We Use the Latest Technology

We have several types of badge cloners, a Raxis designed and built cellular accessed dropbox device, and the needed tools to bypass various electronic locks. While social is a major component of our test, we also believe in the physical portion of Physical Social Engineering.

Learn more about our Social Engineering Process

Accessing Offices Using Cloned ID Badge

Accessing Offices Using Cloned ID Badge

Contact us for more information.

Name *