If untrained, humans can be the weakest link in your organization’s
security program. Our team can perform precise phishing, vishing,
whaling and other advanced attacks with the goal of evaluating your
company’s social posture and gain access to the scoped sensitive data,
information or PII as outlined.
All testing performed is based on the NIST SP 800-115 Technical Guide to Information Security Testing and Assessment, OWASP Testing Guide (v4), and customized testing frameworks.
• Planning – Customer goals are gathered and rules of engagement obtained.
• Discovery – Perform scanning and enumeration to identify potential vulnerabilities, weak areas, and exploits.
• Attack – Confirm potential vulnerabilities through exploitation and perform additional discovery upon new access.
• Reporting – Document all found vulnerabilities and exploits, failed attempts, and company strengths and weaknesses.