USBGuru Memory Device Attack Simulation Service

Assess vulnerability and train employees about the appropriate use of memory devices

Simultaneously Assess and Reduce Vulnerability to Attack

Wombat’s USBGuru™ is one of our Social Engineering Assessments that streamlines this process by both assessing risk and mitigating it at the same time. Wombat has proven with PhishGuru® that performing mock phishing attacks on end users and providing just-in-time training is effective at reducing user susceptibility to attack. USBGuru leverages this approach by applying it to another threat vector, removable memory devices. Instead of just doing an annual penetration test, USBGuru enables companies to test and train their employees throughout the year.

Security officers will use Wombat’s cloud-based interface to easily create a custom executable file with a brief training message embedded in the file. The executable file is saved onto removable memory devices which can be distributed to any location in and around the organization. When an employee plugs the USB drive into their computer they will be presented with just-in-time training. The training message will explain the risks associated with removable memory devices and provide practical advice to the employee. The USBGuru administrator interface provides detailed reports for security officers to know who is most susceptible to memory device attack, track training completion, and be able to group the susceptible individuals for follow up.

What can USBGuru do for you?

Determine the risk their organization faces due to the use of rogue memory devices by employees

Understand which employees are most susceptible to these attacks and who should receive additional training

Provide a teachable moment that ensures employees will follow company policy and only use USB drives they acquired personally, or through their IT department