Social Engineering and Advanced Threats
The purpose of social engineering testing is to identify the most pressing gaps in technical defenses and employee security awareness through proof-of-concept, minimally-intrusive tests.
Our approach to social engineering and advanced threats answers the following questions:
- Assuming at least some of our users will fall victim to convincing scams, how effective are our tiered controls at reducing the impact of clicking a malicious email link?
- How effective is our current security awareness program at teaching employees how to identify and respond to threats?
We tailor our testing activities to model custom, organization and threat-specific tests to identify whether regulatory and data protection objectives are being met by the current SAT program.