Social Engineering Security & Risk Assessment

Leveraging the human element of security

Our Social Engineering Security Assessment Services involve simulating real-world attacks to provide a current view of the vulnerabilities and threats in a client environment. These "human-based" attacks consist of impersonating a trusted individual in an attempt to obtain sensitive information or gain access to the client's network infrastructure. The following types of social engineering security attacks can be scoped and added to an existing engagement.

External (Remote) Social Engineering Security Assessment Services

The external social engineering security assessment(s) will begin with passive Internet reconnaissance using publicly available sources such as websites, search engines, and DNS records. Rapid7 security consultants gather relevant information about the company and its employees that is available on the Internet, such as employee names, titles, phone numbers, and email addresses. This information will be useful when conducting the more active social engineering security services below:

  • Phone-based Social Engineering Security Services: Using information gathered in the reconnaissance phase and impersonating a trusted individual, Rapid7 will make phone calls to individuals within the organization. The objective of these calls is to induce users to divulge sensitive information over the phone in violation of company policy.
  • Targeted Email "Phishing" Attack Social Engineering Security Services: Emails will be sent to individuals and groups within the organization in an attempt to entice users to click an external link. The link will either attempt to gather sensitive information or deliver a malicious payload to the user's desktop system; such payloads could include browser and operating system buffer overflow exploits, Trojan horses, and keystroke loggers.

Internal (Onsite) Social Engineering Security Services and Physical Security Assessments

The internal social engineering security services will begin with passive Internet reconnaissance using publicly available sources, such as websites, search engines, and DNS records, to gather relevant information such as employee names, titles, phone numbers, and email addresses:

  • Malicious Portable Media Social Engineering Security: USB flash drives and CD-ROMs with enticing labels such as "Payroll" will be left in public areas such as hallways, restrooms, and break rooms. The media will contain simulated malicious code that attempts to collect sensitive host information such as the network configuration, the list of running processes, and a password hash dump.
  • Physical Security Assessment Services: Rapid7 security consultants will perform a high-level assessment of physical security controls, including:
    • Building Access Control
    • Access Controls Around IT Assets
    • LAN Jack Access Controls

Social Engineering Security Services provide you with:

  • An understanding of real-world risks posed to the organization from the perspective of an attacker, going beyond the limitations of automated scanning.
  • A prioritized risk rating (DREAD framework) that takes multiple business-driven criteria into account.
  • Direct communication with an offensive security expert with years of industry experience and with direct access to the product team of the most widely used penetration testing framework.

Find out how Rapid7 can help you develop security best practices for your enterprise network.
