AWA’s Social Engineering Testing Services
Social engineering is a growing malicious threat that works to get information that can be used to gain unauthorized access to the network. Today, it’s critical that proactive security testing should include a social engineering component.
We provide regular testing services to identify entry points that could be more vulnerable to social engineering attacks. We’ll help you identify and secure these areas as well to protect against malicious social engineers.
What Are Social Engineering Security Vulnerabilities?
Social engineering assessment is a highly specialized type of penetration testing focused on discovering and exploiting others through the use of psychological manipulation. Social engineering attacks tend to be highly effective because they take advantage of the human element in an organization. It can be done via e-mail, social media sites and groups, text messages, and more.
The audit points for a social engineering assessment cover the effectiveness of the client’s information security program, policies, physical security controls and cybersecurity awareness training for employees.
Types of Social Engineering Penetration Techniques
- Technical – accessing a target system via technical means such as social networks, phishing emails, Trojan horse files, and more.
- Physical – social engineers impersonates employees or contractors to gain physical access or steal data from a storage device (USB drive, CD/DVDs).
- Human Resources – this form of social engineering targets the people who have inside knowledge of the organization’s systems.