Chapter 6

Ensuring Value Through Effective Threat Modeling

Richard Ackroyd,    Senior Security Engineer, RandomStorm Limited

Most customers realize that they need Social Engineering, but often set unrealistic targets. This chapter helps you to steer customers away from the Mission Impossible mentality and toward more practical objectives. Practical Social Engineering is less about dropping down nuclear cooling towers on ropes while avoiding lasers, and more about delivering value by identifying risks, even where time constraints tie one hand behind your back.

Keywords

Threat modeling; Information Assurance; Risk Management process; reconnaissance and surveillance; phishing; spear phishing; organized crime groups

Information in this chapter

• 

Get Social Engineering Penetration Testing now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.