New from Ponemon Institute: The State of Offensive Security in 2023. Read the Report ›
By forming an understanding of your challenges, requirements, and goals, Bishop Fox works with you to define a Red Team engagement that meets the specific needs of your organization. Unlike one-size-fits-all Red Team services, Bishop Fox offers a “building block” approach that can include a social engineering exercise with any combination of the Red Team service methodologies.
In-depth OSINT and Pretext Development
Every social engineering engagement is carefully crafted to your organization’s unique context, including logistics, user targeting, payload development, and more.
Leveraging enterprise chat, phone, and physical attack vectors provides a more accurate assessment of your organization’s resilience to a skilled adversary.
Complete Scenario Flexibility
Engagements are developed in collaboration with your security team to test both users and technical controls such as email, file, or physical security.
Attack Development Feedback Loop
Testing your users can be a sensitive endeavor. We work with you every step of the way in the development of the attack to make sure it strikes the right balance.
“Ride-along” with Elite Red Teamers
Get inside the head of a skilled attacker and see how TTPs are executed so you can apply that insight to sharpen your defenses.
Realistic Exploitation Attempts
Know just how far a real attacker could go about leveraging social engineering in combination with other advanced tactics that are typically used in Red Teaming.
You'll get a complete outline of the attack narrative with detailed breakdowns of actions performed, defensive performance, and results against target objectives.
Full Findings Presentation
Receive a complete walkthrough of findings to ensure all stakeholders understand technical findings, risks, and recommendations.
Recommendations for Program Improvement
Apply insights from the engagement to evolve your user risk, awareness, and culture program.
Accurately account for the potential consequences of an attacker successfully compromising one of your users and gauge your organization’s ability to respond.
Verify the effectiveness of your security measures like email security systems, endpoint security, enterprise chat platforms, and physical security protocols.
Get full transparency into all phases of a sophisticated social engineering campaign, providing novel intelligence to implement in your security program.
Apply fresh perspectives and data to the current initiatives and KPIs that make up your testing and awareness program.
Capture key insights and detailed examples of user risk to leverage in reporting to your organization’s senior leadership and board.
Identify new strategies to better engage your users, promote a culture of security, and take your program to the next level.
Our methodology is designed to challenge your defenses by attempting to exploit target individuals, departments, and systems through various social engineering techniques. Download the complete methodology to see what you can expect when you work with us.
Senior Security Consultant
Alethe Denis is a Senior Security Consultant at Bishop Fox. She is best known for social engineering, open-source intelligence (OSINT), and performing security assessments and trainings for both the private and public sectors with emphasis on critical infrastructure organizations. Alethe was awarded a DEFCON Black Badge at DEFCON 27 for winning the 10th annual Social Engineering Capture the Flag (SECTF) contest. Using both OSINT and social engineering skills, she compromised her target Fortune 500 company using just a telephone. She, along with her teammates, received a bronze, silver, most valuable OSINT, and Black Badge Award from a series of TraceLabs capture-the-flag contests, including first place in the August 2020 DEFCON edition of the TraceLabs Missing Persons OSINT CTF.
Getting Red Teaming Right: A How-to Guide
Read our eBook to learn how Red Teaming can provide the ultimate training ground for your defenses, assessing how well (or not) intrusions are detected and how an attacker can move throughout your network to achieve exfiltration.
John Deere Digital Security Journey: Securing Products Against Cyberattacks
To help ensure John Deere products are ready to withstand security threats, John Deere chooses Bishop Fox's Cosmos platform and product security reviews.
Whether you know exactly which services you need or want help in figuring out what solution is best for you, we can help.