BreachLock has a unique approach that combines an open-source threat intelligence initiative with a custom phishing exposure assessment. Using OSINT intelligence, we will craft a spear phishing campaign targeting designated personnel within your organization to test your cyber defenses.
BreachLock pentesters will identify and understand the weaknesses and vulnerabilities of your organization's employees, contractors, or other personnel by employing social engineering tactics to manipulate individuals to reveal sensitive information, perform certain actions, or compromise security controls.
BreachLock will then evaluate the level of security awareness and training effectiveness needed within your organization by providing the results of the social engineering program and tactics, and where individuals or departments failed to identify potential threats.
Our pentesting experts will help your security team to determine if security policies and procedures are effectively enforced, especially when it comes to verifying the identity of individuals or handling sensitive information.
BreachLock will provide an overall assessment on how well the organization's personnel respond to and report suspected social engineering attempts leading to improving security readiness and incident response.
BreachLock experts will provide recommendations for enhancing security awareness, training programs, and policies to mitigate social engineering risks and provide a report with social engineering tactics, weak security control or low employee awareness, and an analysis of recommended organizational improvements.
BreachLock offers a fully managed, in-house team of certified ethical hackers to help keep your organization safe from potential threats and malicious activity. Our pentesters and Red Team experts are equipped with the industry’s highest certifications including OSCP, OSCE, CREST, CISSP, CEH, and GSNA, offering you a highly skilled professional team that you can trust.
BreachLock will research publicly available open-source intelligence and capture instances that may leak vital information to hackers. This information is presented in a report that can be used by your executive team to formulate policies and awareness campaigns.
We investigate employees' personal emails and passwords that may have been compromised in a recent hack. This may impact your organization as the same passwords may be used to access critical resources.
BreachLock will carefully analyze the OSINT gathered in the first step and formulate a spear phishing scenario that is relevant to the target audience. The campaign is launched in a coordinated manner and each interaction with the user is captured minutely.
Our reports contain visual evidence of exposures found during the OSINT assessment. This ensures that you get sufficient input for an effective security awareness campaign. The Phishing Exposure Assessment Report captures vital statistics such as emails sent, delivered, opened, clicked on, and includes Usernames and emails that resulted in a compromise.
Sending deceptive emails or messages to trick recipients into revealing confidential information or performing actions that can compromise security.
Using phone calls to impersonate legitimate individuals or organizations and manipulate targets into providing sensitive information or taking certain actions.
Creating a fabricated scenario or pretext to elicit sensitive information from individuals, often over the phone.
Leaving infected USB drives or other physical media in areas where employees are likely to find and use them, thereby infecting their computers.