LOG4SHELL

|

Critical vulnerability

|

Find out the latest news and tactics.

Learn more
Vulnerability Management

Products

System & Network Scanning

Find vulnerabilities in your entire infrastructure.

Web Application Scanning

Find vulnerabilities in your web apps and APIs.

Phishing & Awareness Training

Increase resilience against social engineering.

Distribution Options

Cloud

Efficient and secure in the cloud.

On-premise

Installed in your infra with local storage.

Professional services

Premium Support

Flexible support for maximum ROI.

Penetration testing

Combine PT and VM.

PCI DSS compliance

Meet compliance demands.

Vulnerability Management Solution

Holm Security VMP

Take your tour
Solutions

Business needs

Industries

Compliance

Resources
Customers
Pricing
Partner

Information

Partner solutions

About us
Login

Security Center

Organizer

Start your free trial

System & Network Scanning

Systems, IoT, OT, SCADA etc.

Web App Scanning

All web apps and APIs.

Phishing Simulation

Build your human firewall.
Delivery option

Cloud
Delivery option

On-premise
Start your free trial

Pen. testing

Premium support

PCI compliance

Solutions

Resources

Partner

Pricing

About us

Pen. testing

Premium support

PCI compliance

Solutions

Business needs
AWS (Amazon Web Services)
COVID-19
IoT (Internet of Things)
Microsoft Azure
MSSP, MSP & SP (Service Providers)
OT, ICS, SCADA & PLC
SIEM integration
Social Engineering
Threat Intelligence
VAPT
Work from Home (WFH)
Risk Posture & Assessment
Risk-based Vulnerability Management
Industries
Education
Energy sector
Healthcare
Municipality
Retail & e-commerce
Shipping & maritime
Compliance
GDPR
HIPAA
ISO/IEC 27001
NIS
OWASP top 10
PCI DSS
Personal Data Protection Act
Personal Data Protection Bill
PSD2 (Payment Service Directive 2)
RMiT
SOX

Resources

Webinars
Blog
Customers
Support pages

Partner

Information
Become a partner
Partner Solutions
MSSP Partner Program
Managed SaaS

Pricing

About us

Our story
Join us
Management Team
Board
Contact

BUSINESS NEEDS

Social Engineering

Social engineering involves different methods to manipulate people to disclose confidential information. It is difficult to protect oneself against social engineering as attacks are often highly technically advanced. A spam filter is not a guarantee that you will remain secure. The best protection against these attacks is user resilience through continuous simulations, education, and awareness information.

Types of Social Engineering Attacks

New technologies - new risks

Ransomware

Ransomware-attacks are the greatest security threats of our time. These attacks often start with an email, tricking users to install dangerous code (virus). The ransomware starts to spread in the network, infecting unit after unit, from computers to servers. The content of the units is encrypted and often ransom is demanded to decrypt the units. 

Phishing

Phishing-attacks often target users to disclose sensitive information, such as banking information, credit card information, business secrets, email logging information, or information for other sensitive systems. By getting hold of credentials, criminals can gain access to more email accounts to perform attacks with.

Spear phishing

The openness of the internet allows for increasingly more advanced spear-phishing attacks to be executed. Criminals can manually or with the help of programs, easily find out, for example, who the CEO or CFO of your organization is. By fronting as a known person, different methods can be used to get a hold of sensitive information or get a person to perform detrimental acts.

Personal data

Social engineering can be used to make users leak personal data, in breach of GDPR. This often occurs through so-called spear phishing, for example, it could be when a criminal poses as the CEO asking for a list of all the employees.

Business secrets

Social engineering is also used to get a hold of business secrets. This is often done through spear phishing. For example, a criminal posing as the CEO, asking the CFO for the latest yearly report. For a listed company this kind of leakage of non-public economical information can have catastrophic consequences.

Phishing & Awareness Training

Build your human firewall

Over 90 % of data breaches start with a malicious email. Do you know how your users will respond to the next attack? Increase resilience against social engineering through simulated email attacks, like phishing, spear phishing, and ransomware - together with tailored awareness training. 

Read more