This goes beyond targeted penetration testing, to simulate more closely real-world attacks incorporating human interaction and physical media.
We take a holistic view of your organization from the perspective of an adversary, working out ways to achieve set goals like stealing customer data, funds or gaining control of a system.
Websites are often the first thing an attacker looks at when sniffing around an organization’s network perimeter. By compromising your website, they sometimes have obtained their goal or can gain critical information to execute further attacks.
Exploiting unpatched or misconfigured network services is a great way for an attacker to introduce a persistent back door to your sensitive data.
When is the last time you held the door open for someone who didn’t scan their ID? In large corporations sometimes it can be as easy as walking in the front door and out the back with hardware.
With a little bit of research on staff and your organization, targeted phishing emails, malware or even trojans become a lot more convincing. Usually the first in a chain of composite attacks that lead an attacker to their goal.
Copyright @2020 Software Security NZ.