• Embed Doc
  • Copy Link
  • Readcast
  • Collections
  • CommentGo Back
Download
 
Pricing:
Pricing varies based on thesize, complexity, and depth of testing
Remote testing (phone andemail) typically ranges from$4,000 to $8,000
Onsite testing (physicalbreach) typically ranges from$2,500 to $5,000 per location
Social engineering is the practice of obtaining confidential information by manipulation of legitimateusers. During social engineeringtesting, Halock exploits the naturaltendency of a person to trust
another person’s word, rather than
exploiting computer security holes.It is generally agreed upon that
“users are the weak link” in security 
and this principle is what makessocial engineering possible. Socialengineering tests the effectiveness
of the organization’s policies as well
as employee security awareness.
Halock’s Red Team may use the telephone, carefully crafted email messages, and physical accesstechniques to coerce the organization’s employees into revealing sensitive information or granting
unauthorized access, in violation of established policies.Information gathered during social engineering efforts is utilized during ethical hacking (if included in the scope of the assessment), leveraging the information gathered to further attemptto exploit vulnerable applications, systems, and processes such as user registration, user accessprovisioning, and system maintenance.
Solution OverviewProfessional Services Included:
Information collection, such as the names of key IT staff members, credentials, systeminformation, locations of systems or data, etc,using public sources
 Attempts to gain access to sensitiveinformation remotely via telephone contactusing pre texting and persuasion methods
 Attempts to gain access to sensitiveinformation remotely via email contact andPhishing
 Attempts to gain access to physicalinformation assets through onsite entry 
Documentation of findings, includingdetailed walkthroughs of exploit scenarios
Social Engineering
Solution At-a-Glance:
Test end user securityawareness, ensuring em-ployees and staff adequatelysafeguard confidential infor-mation and trade secrets
Attempt to gain access tosensitive informationthrough remote or onsiteefforts
Simulate Phishing attacks todetermine if users will openfraudulent emails and dis-close credentials to the at-tacker
Can be performed blind(with no previous knowledgeor assistance) or in a col-laborative manner
847.221.0200 halock.com
 
1834 Walden Office Square, Suite 150 * Schaumburg, IL 60173 * 847.221.0200 * www.halock.com
 
Assessment & Compliance Services Division
of 00

Leave a Comment

You must be to leave a comment.
Submit
Characters: ...
You must be to leave a comment.
Submit
Characters: ...