Blaze Information Security Real-world spear phishing assessments
What Can You Expect?
Proper Scoping and planning:
We invest time and resources into a scoping process that quickly identifies the effort required for your project. This process ensures a bespoke service that aligns with your exact requirements, avoiding under scoped or over scoped projects.
Blaze’s spear phishing simulations challenge the security of your organisation with realistic phishing emails and text messages. Our offer includes offensive phishing exercises to capture credentials for cloud services, VPN, e-mail, etc., or alternatively use controlled payloads to attempt to gain access to the employee’s computer, in order to breach the organisation’s network perimeter.
The assessment team works in close collaboration with the main stakeholders and security team of the customer to fine-tune the campaigns and collect all necessary metrics for a detailed understanding of the posture of the organisation and provide an accurate situational report of your company’s preparedness against such threats.
Blaze will provide your organisation with a detailed report listing all the results from the campaign, illustrating the risk of compromised credentials and endpoints when applicable.
The report includes the following:
- Executive summary where the issues, attack scenarios and business impact are explained in a non-technical language
- A detailed description of the vulnerabilities, demonstration of attack scenarios and suggestions for fixing the issues
- A remediation prioritisation matrix, helping your team to prioritize fixes and decrease risks to the environment
Reports are delivered within 3 business days from the completion of the security assessment.
The reports can be used for vendor risk assessments and compliance audits that frequently require penetration testing, such as SOC 2 type II, CCPA, GDPR, PCI- DSS, HIPAA, ISO 27001 and others.
A seasoned team of experts:
We provide boutique-level quality work because cyber security is in our DNA – from our engineers to the management team, we are a team of seasoned hackers and cyber security experts. Our team is composed of professionals with certifications such as OSCP, OSWE and others.
Our services are insured by AIG with a worldwide professional liability (E&O) cover of 2,000,000 EUR.