What is it
It simulates an event where an individual with authorized access to internal infrastructure, tries to access data and systems out of his authorized scope.
Typically two kind of profiles are evaluated:
- Fraudulent advisor
- Unfaithful employee
Features
- Allows to recognize weaknesses in interior systems and processes
- Provides an assessment of the roles’ segregation level between advisor and employee
- Gives the possibility to evaluate the incident’s monitor-and-response capabilities
- Identifies systems that can be accessed by unauthorized users