Comodo Penetration Testing provides a compliance service that effectively supports business areas in their duty to comply with relevant laws and regulations and internal procedures
Recent improvements in security solutions have made it more difficult for attackers to just "hack their way in". In response, attackers are increasingly using social engineering attacks to gain access to your network and assets.
Social engineering attacks are constantly evolving and increasing in effectiveness. Just like "hackers" we see two main kinds of social engineering attacks; those that are targeted at specific individuals and resources and those that aren't.
Dragon Labs provides several different types of social engineering attacks that aim to understand the security awareness level of employees and help plan training needed to increase it.
Phishing attacks that target a specific department or an employee profile
Deceptive emails, supposedly from a reliable source, sent to email addresses harvested from the Internet. Scenarios vary depending on the scope of the engagement
Social engineering attack scenarios that use physical vectors such as phone, visit to target sites and USB sticks
Social engineering attacks aimed to higher executives or employees who have access to critical data such as system administrators
Dragon Labs has developed a number of scenarios that leverage social media
Comprehensive social engineering tests
Security awareness training for employees
Security awareness training for executives