We have been conducting social engineering attacks for around 3 years (legal attacks for clients, it is our job, no worry 😉 ). During these three years, our pentesters (security experts) tried various techniques, scenarios and pretexts. We have learned lessons from our experience, and our clients shared with us what they learned too. We are sharing them now with you.
1/ Social engineering in a nutshell
starting, let’s remember what social engineering is:
If there is one myth about
cybersecurity that we hear regularly and that absolutely needs to be busted, it
is this one. “Why would anyone attack us? We’re too small, too young,
no one knows us, we have nothing online… We’re not interesting to hack.”
Actually, yes, you are interesting.
Let’s take each point
– Why would anyone attack us? No one knows us
Vaadata is a startup specialised in penetration testing / ethical hacking. We are looking for an engineer to strengthen our business team during the pre-sales phase.
Who are we?
- A dynamic startup with a strong technical culture (subjects: cybersecurity/pentest, on web, mobile, IoT, social engineering scopes)
- A French company with many international customers (Europe & USA)
- A small and fun team, very different to the corporate world of big consulting companies
- An 100% independent and socially engaged company
The first one and the second are said to be the best allies of CISO (and in general people in charge of IT security). There are though two different tools in a security strategy. What are the different characteristics of each?
Let’s start with the vulnerability scanner.
It is a software that is programmed to run tests on your platform, on your information system – … to detect vulnerabilities. A scanner identifies vulnerabilities thanks to its database containing the known vulnerabilities and common security issues. They go through networks, services, applications, etc.
First characteristic, the tests are automated. This means they are fast and a whole system can be easily tested in some hours / days, depending on its size.