VSR's organizational security offerings focus on improving an organization's overall security posture and help them defend against threats from a wide variety sources. Our various services can be applied individually or combined to to comprehensively test an organization's security infrastructure, personnel and policies.
Social Engineering Test
During a Social Engineering Test, VSR assesses an organization’s defenses and response to a wide variety of social engineering techniques.
- Social engineering tests are tailored to each organization in order to create realistic pretexts and scenarios.
- Vectors can include a combination of spearphishing, vishing, and physical impersonation.
- The goal of a test is to assess technical controls and employee awareness in an attempt to obtain employee credentials, achieve code execution on employee workstations or obtain other sensitive data related to the target.
- Detailed metrics regarding responses, successes and failures are provided.
- Based on results, a remediation plan is provided for identified weaknesses.
Advanced Persistent Threat Test
During an Advanced Persistent Threat Test, VSR analyzes an organization's detection and response to an APT in their network.
- Test scenario and objectives are tailored to each organization to maximize realism and effectiveness.
- APT is inserted into network and monitored by VSR to assess organizational response.
- Detailed data is provided after each test along with recommendations to improve the organization's security posture.
Incident Response Test
During an Incident Response Test, VSR works hand in hand with an organization's incident response team during a simulated breach, combining both a red team and blue team exercise. This is a comprehensive offering that emulates the realities of today's threat landscape and best prepares and organization for a potential breach.
- Part of the VSR team breaches the organization's network with a specific objective such as stealing sensitive data. VSR can either start inside the network or leverage a breach vector discovered by another form of testing such as social engineering or a network penetration test.
- The other part of the VSR team provides guidance and training to the Incident Response Team in order to properly handle the breach and minimize damage.
- A detailed report from the perspectives of the attacker and defender is provided to the customer along with recommendations to improve the organization's incident response.
Physical Security Penetration Test
During a Physical Security Penetration Test, VSR assesses and organization's physical security posture and policies by attempting to physically infiltrate an organization's facility and ex-filtrate sensitive data.
- Penetration testing is performed both during both business and off-business hours.
- Access controls such as locks, RFID tags and security personnel are identified and exploited.
- Waste disposal is analyzed for potential weaknesses and leaks of sensitive information.
- Access to facility is attempted via a combination of circumvention of physical controls and social engineering.
- Organizational response to unauthorized persons is analyzed.
- A detailed report of the analysis and results is provided to the customer along with recommendations on improving physical security.
Contact Us To Discuss Your Needs