Penetration Testing: Social Engineering

"37.3 million users experienced phishing attacks in the last year"
- 2013 Kaspersky Lab Report

Why Test Social Engineering

Social engineering and phishing threats are two of the most challenging and damaging threats the Information Security Community faces.

For many organizations, employees are often overlooked as a potential threat to company security, not realizing that a skilled social engineering attack could compromize the entire organization. Even the best network and systems security will not prevent an attack directed at your employees. Malicious hackers can be extremely effective at coercing people to break their normal security procedures and divulge confidential information.

Why Redspin

At Redspin, we use the same thought process and real-world strategies of attackers in order to gain visibility and an advantage over the countless 'what-if' scenarios that your organization may face. Redspin helps you counter these threats by helping you take action, not just increase awareness.

Our Methodology

Redspin will step you through the social engineering testing process at a pace that is consistent with your IT security objectives, and provide professional security experts to support you throughout. Contact a Redspin security expert now.

Plan

Align your human layer initiatives with the entirety of your risk-based security program.

Train

Use targeted education and awareness to improve your security posture.

Test

Validate progress with real-world social engineering simulations and advanced surveys.

Measure

Objective based metrics provide actionable insights into your people and processes.

Action

No theory, no fluff. Take concrete actions that make a positive, immediate difference.


"Cybersecurity experts say a would-be thief is just a likely to gain access to company data by persuading an employee to hold open a locked office door."
- The Wall Street Journal