Hackner Security IntelligenceSocial engineering test
Sometimes, the easiest way for attackers to obtain confidential information or gain access to critical infrastructure is by constructing a scenario that tricks employees into helping them. Our social engineers have extensive experience in designing and executing scenarios, ranging from phishing e-mails and gaining physical access to assessing how vulnerable your company is to these attacks.
Social engineering is often the easiest way for an attacker to get what he wants. For companies it is one of the hardest areas to secure. Company networks get comprised because employees accidentally click on links in Phishing emails or connect malicious USB sticks to their computer. Sometimes, an attacker is able to just get in through the front door, pretending to be someone else, and walks away with new product plans or a prototype.
With our Social Engineering Test, HACKNER Security Intelligence explores how vulnerable your company is to these attacks and how well your security protocols function in practice. The test is meant as a learning process for both management and employees and should ideally be followed up on with a security awareness training. Among the social engineering techniques that are used are: Malicious USB dropping, (Spear) Phishing, Piggybacking, Dumpster Diving, and Phone Elicitation. In a kick-off meeting prior to the actual test, we define the goals and limitations of the tests. The report combines the findings with calculated risks and recommendations.