Social Engineering

Your staff members are the first line of defence against attackers, and it is becoming more and more common for attackers to simply phone a company and trick a staff member into giving them access to a customer or staff account, or other valuable system. This is known as social engineering, and is becoming increasingly prevalent as an attack vector.

What is Social Engineering Penetration Testing?

Social engineering is a simulated attack against your staff, which takes place either over the phone, via your helpdesk solution or via your webchat solution. The purpose of the simulation is to attempt to gain access to valid customer accounts, or to trick the staff member into divulging sensitive information.

Our testers will enumerate the potential attack surface for social engineering, carry out research into your business, the targeted staff members, and your customers prior to launching the simulated attack.

What are the benefits of Social Engineering Pentesting?

As with more traditional types of security assessment, the benefit of social engineering is that it enables you to safely identify potential gaps in your security posture, and address those gaps before attackers exploit them in the real world.

Find out how well aware of potential threats your staff are, and identify gaps in your processes which could allow attackers to breach your organisation via a social engineering attack.

Are you CREST Certified?

OnSecurity is a CREST (Council of Registered Ethical Security Testers) approved vendor. This means that all our test methodologies, processes, policies and procedures have been externally vetted by CREST to ensure we are operating to the highest standards possible in the pentesting industry.

On top of this the majority of our testers are CREST certified, meaning they have been through a CREST assault course (or CREST-recognised equivalent) to ensure they have the requisite skills needed to find and exploit vulnerabilities in a safe and controlled manner.

This external validation means you can be confident your pentests are being carried out to the highest standard, by vetted and tested consultants, who use a best-in-class manual-first approach to testing.

Crest Logo

What will we find in a Social Engineering Penetration Test?

The outcome of a social engineering test is typically that our testers have gained unauthorised access to one or more of your systems or applications. You will receive a report detailing the actions we took, how we gained access and what weaknesses we exploited to do so.

Get an Instant Social Engineering Quote

Do you have a budget and want to know how much a specific pen test would cost? Try out our instant quote generator and get the ball rolling.

© 2022 ONSECURITY TECHNOLOGY LIMITED (company registered in England and Wales. Registered number: 14184026 Registered office: Floor T, Castlemead, Lower Castle Street, Bristol, England, BS1 3AG). All rights reserved.