OnSecurity's Social Engineering Penetration Testing Service is a CREST-accredited testing service that simulates social engineering attacks to evaluate an organisation's human defences and staff security awareness. The service involves testers conducting detailed reconnaissance into the target organisation — including its employees and customers — before executing simulated attacks. These attacks can be conducted via phone, email, help desk channels, or web chat platforms. The objective is to determine whether an attacker could manipulate staff into revealing sensitive information or granting unauthorised access to accounts or systems. Testing methodology is manual and human-led, with an emphasis on identifying vulnerabilities that automated tools may miss. The service is delivered through an online platform that provides instant quotes, streamlined test booking, automated workflow notifications, and real-time access to findings reports. Reports include both technical and high-level summaries. Once identified vulnerabilities are remediated, free retests are available within a defined window. Subscription plans are available that combine periodic penetration tests with continuous vulnerability scanning and threat intelligence monitoring.