PEN Consultants Logo
Don’t Be a Victim: Find your weaknesses before the criminals do. PEN Consultants can help!

Social Engineering Assessment

As email security filters continue to evolve and improve, attackers are moving from email-based phishing to other social engineering methods, such as SMS, phone, in-person impersonation, media drops, etc. These non-email based forms of social engineering rarely have the security solutions in place to monitor and block malicious messages and attacks, which is an advantage for the attacker.

The Social Engineering Assessment could include everything from the Phishing Assessment service (email-based social engineering), but it could also include a custom-tailored combination of SMS (i.e. smishing), phone (i.e. vishing), in-person impersonation (i.e. physical social engineering), baiting (ex. USB drops), social media, mailed letters/packages, etc. The details of the assessment are tailored to your specific needs and risk profile.

View our Sample Findings and Recommendations Report to see the level of detail PEN Consultants provides in our report.

Schedule a Consultation

Sample Pricing

Because our Social Engineering Assessment services are highly tailored to each client engagement, it is more difficult to give sample pricing.  The following are sample costs for some of the most common – vishing, smishing, and baiting:

  • Small: No dedicated SOC, minimal technical control
    • Single Campaign: $2,750 – $3,250
    • Three Campaigns: $7,500 – $8,500
  • Medium: Basic out-of-the-box security controls, basic security staff
    • Single Campaign: $4,250 – $5,000
    • Three Campaigns: $11,500 – $13,500
  • Large: Multi-layered, out-of-the-box security controls, SOC
    • Single Campaign: $6,000 – $7,250
    • Three Campaigns: $16,250 – $19,500
  • xLarge: Custom security controls, advanced SOC
    • Varies

Add-On Services

In order to keep our testing prices low, we’ve removed certain services that not every client requests.  You only pay for the following services you need.

Post-Testing Briefings
Executive Level and/or Technical Level
Micro: $400 each, Small: $550 each, Medium: $675 each, Large: $825 each, xLarge: varies
Remediation Testing
Micro: $700, Small: $825, Medium: $975, Large: $1,100, xLarge: varies
Assist Technical Support Staff with Mitigations
$1,100 per 5-hr block of consultant time
Assist SOC Staff in Building Detections
$1,100 per 5-hr block of consultant time
On-Site Supplemental Testing and/or Visits
Mileage fee of 
$3 per mile from 78006
plus, $300-450 per day for most visits
DISCLAIMER: Sample pricing listed is not actual pricing. These dollar amounts are estimates based on the number of hours required for engagements of similar size and assumes white box testing and at least a 60-day lead time. They are provided to give you a ballpark idea of the cost for the service. The total cost will be based on the estimated number of hours needed to perform the requested service and our hourly rate. Black box testing, specific complexities, and other non-standard situations will increase costs. Additionally, sample pricing does not include travel or other non-standard expenses (specialized equipment, materials, etc.). Final pricing is determined during the no-obligation scoping phase (before testing starts).
DISCLAIMER: Other than Wireless Testing, all testing is remote-only unless otherwise noted. Sample prices and prices quoted are for remote-only and do not include travel. See the On-site Supplemental Testing add-on for more information.