Bugcrowd partners with SocialProof Security to protect clients against social engineering attacks
As part of the partnership, Bugcrowd will resell SocialProof Security’s services, including social engineering prevention training, protocol and practitioner workshops, and penetration testing.
In addition to reselling social engineering services, Bugcrowd continues to innovate and invest in its award-winning Security Knowledge Platform with the most comprehensive suite of security solutions including bug bounty, vulnerability disclosure programs, attack surface management, and pen testing as a service. For example, Bugcrowd enables customers to purchase pen tests from a single provider for every type of use case – from the basic assurance of simple web apps and networks to continuous testing of cloud services and APIs, and now, to social engineering.
The leader in social engineering prevention services, SocialProof Security and CEO Rachel Tobac have become influential because of their friendly hacker approach to strengthening client defenses against human-based attacks. SocialProof Security’s impressive client list includes household brands such as Twitter, PayPal, Uber, Prudential Insurance, Cisco Systems, WhatsApp, NATO, and the US Air Force.
“We are excited to work with Bugcrowd on this reseller partnership as we move forward with our aligned mission to arm organizations with a proactive means to reduce social engineering risk through education, identity verification protocol improvements, technical tools, and measuring those updates with social engineering penetration testing,” said Tobac. “The majority of cyber attacks now start with some element of social engineering—manipulating people to take actions that could harm organizations. This partnership illustrates the priority Bugcrowd places on actionable and measurable social engineering risk mitigation in a well-rounded security program.”
SocialProof specializes in protecting against social engineering attacks in which attackers manipulate employees to acquire personally identifiable information (PII), credentials, unauthorized access to accounts, money, or other sensitive information. Such manipulation can be executed through common attack vectors, including phishing, impersonation, and pretexting. In fact, social engineering was named the top cyber threat by respondents to the 2021 State of Cybersecurity Survey by ISACA.
“Even with current elevated threat levels, many organizations are surprisingly unprepared for the threats from social engineering attacks, as we repeatedly find low awareness across organizations, outdated or inconsistent identity verification, and limited practitioner skill sets,” said Ashish Gupta, CEO of Bugcrowd. “Fortunately, taking a multidimensional approach that combines prevention training and tools, human-based protocol updates, and pen testing can dramatically reduce the risk of social engineering attacks. We look forward to bringing this innovative solution to market as a part of our services.”