Enterprise Immunity Assessment
In recent times, the vast majority of successful attacks are based upon malware delivered through a barrage of social engineering, trickery and browser-level subversion. In order to test these defences, it is necessary to construct and deploy the same kind of advanced and stealthy malware as employed by the best cybercriminals.
Our Enterprise Immunity Assessment will determine how well your organisation's current security defences stand up to varying degrees of non-destructive malware payloads. From off-the-shelf exploits to our custom-developed Command and Control framework, we will determine just how broadly a malicious payload can spread, and the information that it can exfiltrate from your environment.
Social Engineering Penetration Test
Social engineering is the human side of testing for corporate vulnerabilities and comprises the techniques used by real attackers to fool an organisation's staff into revealing sensitive information or performing actions that create security holes for the attacker to slip through.
We create a completely unique, tailored social engineering campaign for each client. This can include phishing, phone calls impersonating legitimate staff members and pre-texting in order to entice users to perform actions that will provide us with unauthorised access to corporate systems.
Physical Penetration Test
Physical security is just as important as cyber security, and by ignoring the former, you undermine the latter. If the servers holding critical business information are not physically secure, neither is the data contained within them.
Our physical security operatives are highly skilled in today's physical security controls, techniques and associated bypasses. Our physical penetration testing will reveal real-world opportunities for malicious insiders or bad actors to be able to compromise physical barriers, such as locks, sensors, security cameras and tripwires, in such a way that allows for unauthorised physical access to sensitive areas leading up to data breaches and system or network compromise.