DirSec :: Social Engineering

DirSec :: home

Home
Events/About Us
Contact/Support
Core Technologies
- Actiance
- Aerohive Networks
- AlienVault
- Axway
- Barracuda Networks
- Blue Coat Systems
- Bradford Networks
- Brocade
- Cenzic
- Check Point Technologies
- Cyber-Ark
- Dell/Force10 Networks
- Drobo
- ESET
- Exinda Networks
- Extreme Networks
- F-Secure
- F5
- FireMon
- ForeScout Technologies
- Gigamon
- HP
- Imperva
- Juniper
- Lumension Security
- M86 Security
- McAfee
- Palo Alto Networks
- Q1 Labs
- Rapid7
- RSA Security
- ScriptLogic
- Sophos
- Trend Micro
- Trustwave
- VMware
- WatchGuard
- Websense
- WhiteHat Security
- ZixCorp
Demos on Demand
Services
Knowledge Wiki

Social Engineering

In computer security, "social engineering" is a term that describes a non-technical type of intrusion that relies heavily on human interaction, and often involves tricking other people to break normal security procedures. A social engineer runs what used to be called a "con game". For example, a person using social engineering to break into a computer network would try to gain the confidence of someone who is authorized to access the network in order to get them to reveal information that compromises the network's security. They might call the authorized employee with some kind of urgent problem - social engineers often rely on the natural helpfulness of people as well as on their weaknesses. Appealing to vanity, appealing to authority, and old-fashioned eavesdropping are typical social-engineering techniques.

Another aspect of social engineering relies on people's inability to keep up with a culture that relies heavily on IT. Social engineers rely on the fact that people are not aware of the value of the information they possess and are careless about protecting it. Frequently, social engineers will search dumpsters for valuable information, memorize access codes by looking over someone's shoulder (i.e. shoulder surfing), or take advantage of people's natural inclination to choose passwords that are meaningful to them but can also be easily guessed.

Security experts propose that as our culture becomes more dependent on information, social engineering will remain the greatest threat to any security system. Prevention includes educating people about the value of information, training them to protect it, and increasing people's awareness of how social engineers operate.

We provide this service both onsite and offsite, and may utilize many other methods of intrusion. Our Social Engineering service will help your organization identify weaknesses in Policy, Procedure and staff training related to information security.

Upcoming Events:

2012 Events Calendar

Mar. 8th - Barracuda Velocity Tour hits Denver! - Lunch in DTC sign up here

Mar. 15th - Lunch & Learn @ Micky Mantle's - Oklahoma City with Bradford Networks and Palo Alto Networks
sign up here

Apr. 12th - Lunch & Learn @ MacKenzie's Chop House - Colorado Springs with Check Point
sign up here

Apr. 25th - Lunch & Learn @ Sullivan's Steak House - Omaha with Bradford and Aerohive Networks sign up here

Apr. 25th - DirSec booth @ IT Summit Denver view details/register to attend

Vendor Updates:

!! M86 Security - "Youtube for Schools" solution summary View the PDF

Social Engineering

Upcoming Events:

Vendor Updates:

Core Technologies: