Intelligence Gathering

Gathering intelligence about the organization, detection of sensitive positions and mapping of external access infrastructure. The gathering can also include active social engineering and in-depth data gathering.

Determination of the attack vector that includes the mail systems; vaults; VPN; web applications; or even users who have the ability to switch between home networks and the organization’s network. This phase also focuses on technical testing of the vector; sandbox evasion, etc.