Social Engineering Testing - SET
Social engineering attempts to exploit weaknesses in corporate policies as well as staff training and individual awareness. E3 offers multiple types of social engineering testing either as a standalone services or incorporated within scope of penetration testing.
We have three broad categories of testing.
In person scenarios
Over the phone (vishing)
Email or electronic (phishing)
The goal all forms of testing is to evaluate whether employees are properly trained to prevent unauthorized access to sensitive information or failing to act in a way that that puts the organization at risk of exploitation. These simulations help heighten staff member awareness to potential real-world threats that may target them. Social engineering simulations are clearly designed to evaluate the institution as whole and not to single out inadequate employee performance.