Social Engineering is a set of techniques used by attackers to con employees into providing privileged access and compromising confidential data. Rendition InfoSec’s social engineering assessments are often used to collect statistics and demographics on how susceptible your staff is to social engineering attacks, and is often utilized as an attack vector during our penetration tests. These assessments are tailored specifically to your environments, with planned activities based on common attack vectors with the end goal objective of determining security awareness, ability to mitigate active attacks and identify previously unknown gaps. Rendition ensures that testing activities remain in a controlled environment using secure methods that will not put your data at risk. The results are analyzed and business impact is assessed collaboratively to provide actionable steps towards remediating the concerns you have.
Rendition InfoSec’s Social Engineering services include:
- Open Source Intelligence Collection & Analysis – Public, both organization-wide or targeted components, attack surface available to an adversary
- Spear Phishing & Phishing Campaigns – Ranging from general to targeted emails using various sophisticated methods to gain access to systems or information.
- Pretexting/Cold-calling – Phone based social engineering to gather critical information
- Physical – Onsite activities used to gain access to specific or otherwise sensitive locations, including the insertion of unauthorized network devices, baiting, tailgating, dumpster diving, or portable media drops.
If you are concerned about the impact of social engineering has on your business, contact Rendition for assistance.