Social Engineering Assessment

Social engineering assessments will effectively evaluate the security of your own people by trying to lure them into divulging sensitive information or taking an unsafe action in some way. This type of assessment is clearly deceptive, but it is necessary since it is one of the most common tools used by many of the world’s top hackers. Just stop to think about it for a minute. Is it easier to get around high-tech intrusion detection systems and break into networks, or convince company employees that they must divulge their passwords to get their computers repaired? The fact of the matter is that people are usually the weakest links in most security strategies, and social engineering assessments are the way to go if you want to verify the security consciousness of the people who work for you.

Our Approach

From the vantage point of external attackers, we will analyze the security awareness of targeted employees by creating an assessment profile from compiling available data. This profile may include but will not be limited to search engines, social media outlets, and a range of other sources. It will be used to create attack scenarios that are likely to be successful. We will then use direct communications in the form of social media, telephone, email or other means to conduct a multi-layered attack on specific targets. After the assessment is finished, a comprehensive report will be generated that will outline successful attack scenarios, and suggested remediation steps to improve the security of the people in your organization.

What is Included?

The social engineering assessment services that we offer are real-world, comprehensive assessments that include the following:

  • Assessments by certified GSEC/GIAC information security specialists.
  • Customer designated employee targeting method (You choose certain employees to be targeted, or we can define the targets randomly).
  • Target profile data collection from social media, search engines, and other available sources.
  • Password evaluation that is based on compiled profile data.
  • Target attack scenarios that are designed to simulate real attacks.
  • A comprehensive assessment report that will outline successful attack scenarios and suggested remediation steps.
  • Complete professionalism and confidentially.

Click to read more about Waypoint’s Small Business IT Security services.