Social-Engineer, LLC is a premier information security consulting and training company, founded by Christopher Hadnagy in 2003. Social-Engineer specializes in the art and science of social engineering. Therefore, we focus on human based social engineering attacks; instead of technical security penetration testing. With this in mind, we provide education so that organizations can take action that will lead to protection.

Education

To begin with, our professional corporate services provide education and training specific to the tactics that hostile attackers use to influence, as well as manipulate people. Additionally, we also offer interactive, life changing training courses that educate, as well as strengthen individual skills. In fact, several of our training courses qualify for Continuing Professional Education (CPE) credits.

Action

Social-Engineer provides education, so that organizations can take action. For this reason, our professional corporate services provide comprehensive reports that include employee actions and responses. As a result, organizations now have actionable data enabling them to align with industry best practices.

Protection

Ultimately, we want organizations to have the best protection possible. Since we have over five decades of combined experience, Social-Engineer is uniquely positioned to help your organization detect, mitigate, as well as protect itself from the devastating effects of both physical and data breaches.  While it may be true that some network security vendors offer “social engineering” services, please be cautious. It’s important to realize that a true understanding of attack vectors, as well as how to use social engineering, is a unique and distinctly separate skill-set from technical network security testing.

Our Services

Phishing as a Service (PHaaS®)

Phishing as a Service® (PHaaS®) is Social-Engineer’s patented, fully managed monthly service. Our premier service specifically measures, as well as tracks how your employees respond to phishing emails. Indeed, it is an essential tool to keep your enterprise one step ahead of attackers.

Vishing as a Service (VaaS®)

Vishing as a Service® is Social-Engineer's premier, patented and fully managed monthly service. Our professional Social Engineers use custom crafted phone pretexts in order to elicit critical data from your employees. As a result, this process equips organizations with a continuous assessment and training process to successfully combat vishing attacks.

Social Engineering Risk Assessment (SERA)

The Social Engineering Risk Assessment service gives you the option of an Open Source Intelligence (OSINT) investigation on your company and/or high value internal personnel. In other words, we collect data from publicly available sources. To this end, we search social media platforms, public records, interest and hobby sites, as well as other online databases. We do this in order to find  information that would enable an attacker to perform targeted attacks against your employees.

Physical Security Assessments

Social Engineering Teaming Service

The Social Engineering Teaming Service focuses on the human element of information security. Therefore, the purpose of this service is to identify weaknesses in the human network of your organization. We specifically focus on weaknesses which result in employees giving up vital information, or that result in giving physical access to hostile attackers.

Red Teaming Service

The Red Teaming Service is a full-scope, multi-layered, adversarial simulation. Its purpose is to test a company’s human element, networks, applications, as well as physical security. As a result, you see how your organization matches up to industry best practices in overall information security.

Penetration Testing

Social Engineering Pentest

The Social Engineering Pentest service specifically tests only the human element of your organization. Its purpose is to ensure that employees follow company security standards. Additionally, it assists organizations to align themselves with industry best practices.

Network Penetration Test

The Network Penetration Test is a service that specifically tests the vulnerability of your network. This test is vital because the communication systems your employees and colleagues use are vulnerable to malicious attacks. We perform the Network Penetration Test service against external assets, internal assets, or a combination of both.