The frequency and complexity of social engineering and advanced persistent threat attacks is increasing at a rate that is preventing content filtering, anti-virus, and anti-malware technologies from being an effective countermeasure. In fact, the only way to prevent compromise from social attack is to provide employees with security awareness training, and subsequently measure the organizations response to such attacks.
Critical Assets is the world’s only organization that has the ability to create dynamic social engineering engagements, and repeat them using various “actor scenarios” to create the most realistic attacks possible.
“Out of the Box” Tools and Frameworks Aren’t Enough
Anyone can download a copy of attack tools like Metasploit or SET and run them. Critical Assets’ Social Engineering Assessment does not rely solely on automated tools to test your organizations’ response to social threats. Our labs craft custom threats, designed to be as effective as possible for your individual environment, and have a defined methodology for measuring response and effectiveness.
Testing can include:
- Email spoofing
- Targeted phishing
- Phone-based pretext calling
- Targeted social hacking
- On-site social engineering
Validating that your staff are adhering to policies, that general security awareness exists, and that you are protected from SE attacks will reduce the exposure to your organization.