What we do
An online exposure assessment seeks to answer two big questions:
- How much information is there on your organisation in the public domain?
- How could attackers use that information to access your sensitive information?
We use a wide range of methods and sources to piece together your online exposure, from search engine results to social media used by employees. This generally enables us to gather:
- Your organisation’s email addresses (for potential phishing attacks)
- Corporate profile
- Details of physical corporate locations (e.g. floor plans)
- Technical information on your organisation’s IT infrastructure
You’ll receive comprehensive evidence on the information we collect, categorised into corporate, technical and employee information. We will also outline attack scenarios where this information could be exploited (e.g. spear phishing campaign or physical security attack on one of your offices).