Active Audit Agency

т: +38(044) 228-15-88

e-mail: info@auditagency.com.ua

 social engineering

Penetration test using social engineering methods
(social engineering)

What is it?

 social engineering

The technique when an attacker attempts to compromise not an information system itself, but the person, which manages or has an access to it, is called social engineering. This method uses a psychological affection of the human and exploits such qualities as courtesy, trustfulness, abstraction, enthusiasm, laziness, greed etc

Term "social engineering" is defined as a method of unauthorized access to the systems whithout technical means utilization. This method is based on human weaknesses exploitation.

Why do you need this?

The most destructive penetrations to the systems caused by social engineering attacks. Why? Because it is the way to gain access with the lowest efforts and resistance!!!

A hacker may spend hours, weeks, and even months trying to get access to your system, when one telephone call with a proper legend and flawless questions to your employee might give him a required password in several minutes. Using such methods as trash digging, talking to dissatisfied employees or even penetration to your company physical perimiter under the guise of courier may help an evildoer to gain full access to your system.

social engineering

Since software and hardware vendors enchance theirs products protection permanently the task of hijacking becomes more and more complicated, thus social engineering role is growing fast.

Understanding the possible attack vectors, methods and scenarios used by social engineer will help to develop an effective security action plan to protect your information assets.

Penetration test using social engineering methods will allow you:

  • Evaluate the real level of protection for your information systems;
  • Define necessary security measures against this kind of activities;
  • Save your customers'and partners' confidence in your reliability and save your reputation.

How is social engineering test conducted?

A succsessful social engineer must have on his/her arsenal a lot of tools and scenarios in order to achieve the goal of an attack.

Active audit agency uses own methodology, developed in cooperation with ukrainian and russuian psycologists.

Penetration test using social engineering methods we propose to perform in several steps:

social engineering

If you are interested in this service or want to know more, we'll be glad to arrange a meeting and present all details of this metthod.