Once you’re onboard, we’ll kick off with a chat with your relevant team members. We’ll use this opportunity to discuss the engagement rules, what to expect, and how to alert you if something is being detected during the testing phase.
Since our testing goes so far beyond simple baiting for link clicks, it’s during this call that we’ll identify your most guarded/sensitive information to target for access and exfiltration. We also use this time to identify any specific targets you want tested or excluded (contractors, CEO, C-Suite staff, interns, etc).
Is the attack disruptive?
Because our goal is to be as unobtrusive as possible, we aim to gain access to your data or systems unnoticed. Your team may not even discover they’ve been compromised until you go over the findings with them directly.
Once testing commences, we’ll begin by gathering information on your organization and anyone with access to information systems or sensitive data. Then, it’s onto the fun part!
Our master social engineers develop the ruse, pretext, and situations we’ll use to influence the people— which involves extensive planning before any attack is made. It’s our superior preliminary research and strategizing that set allows our white hat social engineers to develop plausible situations that are realistic, credible, and trustworthy.