Tests on the behavior of company employees or so-called “Social Engineering Tests”

The tests are targeted and targeted attacks against company employees in order to obtain confidential information about the company being tested. The reactions and responsiveness of employees to phishing attacks are evaluated. When conducting the tests, different techniques are used and combined to deliberately mislead employees by requesting different information. Targeted e-mail scenarios are played out to gain usernames and passwords, bank accounts, customer information and other information.

The purpose of the tests is to verify the compliance of the company’s employees and the ability of the malicious person to penetrate these channels to your data or to control information systems or correspondence.

In addition, our team has been joined by personal data protection professionals who will be able to review your adopted data protection rules and give you guidance on how to improve them, as needed, or to prepare new ones as needed in the legislation.

These tests are performed to answer the following questions:

  • How reliable is the organization’s security policy?
  • Are there vulnerabilities?
  • What harm can the attacker do by exploiting these vulnerabilities?
  • How can an attacker exploit this vulnerability?
  • Are the access rights and privileges of the employees correctly set?
  • How can the identified weak points be closed in an easy and reasonable way?