This is interesting:
First, it integrates with corporate directories such as
Active Directory and social media sites like LinkedIn to map the
connections between employees, as well as important outside contacts.
Bell calls this the "real org chart." Hackers can use such information
to choose people they ought to impersonate while trying to scam
employees.
From there, AVA users can craft custom phishing campaigns, both
in email and Twitter, to see how employees respond. Finally, and most
importantly, it helps organizations track the results of these
campaigns. You could use AVA to evaluate the effectiveness of two
different security training programs, see which employees need more
training, or find places where additional security is needed.
Of course, the problem is that both good guys and bad guys can use
this tool. Which makes it like pretty much every other vulnerability
scanner.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.