Let's Talk

or call 801-532-7444 today

Tanner LLC 
36 S. State St., Suite 600
Salt Lake City, UT 84111

United States
Phone: (801) 532 7444
Maps & Directions 
Sitemap

 

2019 Tanner LLC
All Rights Reserved.

  • Facebook Social Icon
  • LinkedIn Social Icon
  • Instagram
  • Twitter Social Icon

Let's Talk

SOCIAL ENGINEERING TESTING

Social Engineering Testing

No technical solution can protect an organization if an employee allows a hacker into the network. The goal of these attacks could be technical (breaching a network to compromise sensitive data) or physical (gaining access into restricted areas). Whatever the goal, social engineers design their attacks to take advantage of our natural tendency to be helpful, trusting, and non-confrontational.

Social Engineering Security Testing identifies human weaknesses within an organization. The combination of technology, psychology, and creativity makes social engineering a real, and often undetectable, threat. It has become an extremely popular and effective way for hackers to gain access to a company’s information systems and steal sensitive information. Some of the methods Tanner’s Information Security team uses to combat social engineering hacks include:

  • Phishing: Sending spoofed emails to employees with malicious attachments or links.

  • Pretexting: Pretending to be a person of authority to get employees to perform actions that compromise the network (e.g., providing valid login credentials).

  • Media Dropping: Having employees introduce malicious files from external devices onto the company network.

  • Physical Security: Attempting to bypass physical locks, motion sensors, and other security controls to access restricted areas.

Tanner’s Process

Our Social Engineering Testing engagements are built from the ground up and tailored to meet the needs of your specific organization. Each test begins by using public resources and select employees to gather information on the organization. We then leverage this information to convince end-users to break company security policies that jeopardize the integrity of the network.

Pre-scripted online tests are ineffective because they fail to simulate the actions of real-world attacks. Our customized approach uses the same sophisticated techniques that hackers have been using for years to compromise high-profile companies across the world.

Social Engineering Test Deliverable

Upon completion of the Social Engineering Testing assessment, you will receive a detailed report containing the following information:

  • Statement of the engagement’s purpose, scope, and approach

  • Description of attack methods used during testing

  • Detailed social engineering security logs, including:

  • Originating IP addresses of compromised systems

  • Usernames/login credentials

  • Times of actions/exploits

  • Overview of identified risks

  • Prioritized recommendations to help reduce risk

Engage the security experts

Learn how Tanner’s security services can help you accomplish your specific business goals.

Tanner LLC