Which Pen Testing services include Social Engineering assessments?
- 16-06-2026
- Business
- Edward Bourke
- Photo Credit: Magnific
Pen testing services differ wildly once you look past the marketing pages, and the sharpest difference shows up in one question buyers forget to ask: does the provider actually test your people, or only your servers?
Many firms stamp the word "comprehensive" on their offer yet never send a single phishing email. That gap is exactly what this article untangles, naming five companies whose work touches the human side of security.
Why The Provider You Pick Changes The Outcome
Picture two security firms hired for the same job. One scans your code, hands over a report and leaves. The other emails your finance team a fake invoice, calls your help desk pretending to be a locked-out executive, then walks through your lobby behind a distracted employee.
Both call themselves penetration testers. Only one shows you how a real attacker would actually get in. The lesson is simple. The name on the contract decides whether your weakest link ever gets tested.
What Social Engineering Adds to a Test
Social engineering targets judgment rather than code. Instead of hunting a software bug, the tester hunts a moment of trust. A rushed click, a helpful answer, an unlocked door held open out of politeness.
The techniques that show up most often include the following:
- Phishing emails dressed as trusted senders
- Vishing calls impersonating IT or management
- Pretexting built around a believable cover story
- Tailgating through secured entrances
- Smishing sent over SMS
The Five Providers at a Glance
Before the details, here is how the five companies line up on what they emphasise. Each one folds social engineering into its work differently.
| Provider | Social engineering focus | Notable strength |
| --- | --- | --- |
| Andersen | Inside red teaming | Full-scope assessments and remediation |
| KirkpatrickPrice | Standalone campaigns | Methodology drawn from OSSTMM and NIST |
| Pentest People | Dedicated service | CHECK and CREST accreditation |
| GuidePoint Security | Onsite pretexting | Physical entry and rogue devices |
| CyberGlobal | Phishing metrics | Click, submission and report-rate reporting |
1. Andersen
Andersen folds social engineering into its red team engagements rather than selling it as a lone product. Its red teaming simulates realistic attack scenarios by combining penetration testing, phishing campaigns and social engineering, which means the human layer gets tested alongside technical and physical defences in a single exercise.
Why does that bundling matter? Because real adversaries never limit themselves to one tactic. A combined engagement mirrors that reality and ends with prioritised recommendations, proof-of-concept demonstrations and an executive summary that leadership can act on.
2. KirkpatrickPrice
KirkpatrickPrice treats social engineering as a direct simulation of a real-world attack on your organisation. Its testers build advanced campaigns designed to mislead staff into surrendering access to sensitive systems and data.
The firm leans on a recognised methodology. It draws from sources such as OSSTMM, CERT/CC, the SANS Institute, NIST and OWASP, then applies manual techniques and human intuition to attack the weaknesses it finds. People, in their framing, are the link no firewall can patch.
3. Pentest People
Pentest People runs social engineering as a bespoke standalone service. Certified specialists use phishing, vishing, tailgating and physical entry attempts to measure how well employees detect and respond to manipulation.
What sets the delivery apart is the reporting. Findings arrive through a portal where clients interact with results in real time, which lets teams fix issues as they surface rather than weeks later. The firm also holds CHECK and CREST accreditations, two marks that buyers in regulated sectors watch for; CHECK in particular is the NCSC scheme that UK public-sector buyers require.
4. GuidePoint Security
GuidePoint pushes social engineering into the physical world. Its onsite pretexting sees testers impersonate an IT specialist or HR representative to reach sensitive systems and information.
Ever wondered how far a determined intruder could go inside your building? GuidePoint answers that with lock picking, badge replication, service provider impersonation and rogue devices. Combined with phishing and phone pretexting, these moves form a full-scope red team assessment that stresses every entry point at once.
5. CyberGlobal
CyberGlobal centres its social engineering work on measurable phishing outcomes. It deploys bulk phishing, spear phishing, vishing, smishing and impersonation while the targeted employees remain unaware the exercise is running; only the sponsors who authorised the engagement know it is live.
The value lands in the numbers. After each campaign clients receive a report detailing who opened the email, who flagged it as suspicious, who clicked the link and who submitted data. Those figures turn a vague worry into a metric a board can track quarter over quarter.
How To Match a Provider to Your Worry
Choosing among these five gets easier once you name your biggest fear. Worried a clever email fools your accountants? A metrics-driven phishing specialist fits. Worried someone strolls into your server room? A physical-entry firm earns its fee fast.
Many mature programs blend approaches across a year. They might start with a focused phishing campaign, then graduate to a combined red team once the basics hold. Layering matters more than loyalty to any single vendor.
What A Strong Engagement Should Deliver
A good assessment hands you a roadmap, not just a fright. Whichever provider you select, insist on outputs that engineers and executives can both use.
Look for these deliverables:
1. A vulnerability report with severity classification
2. Proof-of-concept demonstrations of successful attacks
3. Prioritised remediation recommendations
4. An executive summary for stakeholders
Reports without these elements describe the problem yet leave you stranded on the solution.
Bringing It Together
Social engineering lives in different corners across these five companies. It sits inside red teaming, stands alone as a dedicated service, stretches into physical entry and gets quantified through phishing metrics. The right fit depends on which human weakness keeps you awake at night.
If your priority is testing technology and people within one coordinated engagement, Andersen offers penetration testing services that wrap social engineering into broader red team and security assessments. Whichever route you choose, the firms above prove that serious testing never stops at the server rack.
Frequently Asked Questions
Can a social engineering test get an employee fired?
Credible providers keep results anonymous and educational. Reports highlight patterns and training gaps rather than naming names, which keeps staff cooperative instead of fearful for their jobs.
Do attackers still bother with phishing now that AI exists?
More than ever. AI writes flawless, personalised lures at scale, which is precisely why ongoing simulated phishing has grown more relevant rather than fading away.
Will testers physically break into our offices?
Only inside an agreed scope. Physical engagements follow strict boundaries signed before work begins, so tactics like tailgating or badge cloning stay within the legal limits set during planning, and testers carry that signed authorisation onsite so a challenged attempt can be stopped and verified on the spot.
Is one social engineering test per year enough?
Rarely. Awareness fades and new hires arrive constantly, so many organisations run quarterly phishing simulations alongside a deeper annual assessment to keep vigilance sharp.
How do we prove awareness actually improved?
Track the trend. Compare click rates and report rates across successive campaigns. A falling click rate paired with a rising report rate is the clearest signal your people are learning to spot the bait. Compare like with like, though: a harder lure pushes click rates up on its own, so record lure difficulty alongside the rates before reading a quarter-on-quarter change as progress or regression.
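The phishing metrics described under CyberGlobal (who opened, who clicked, who submitted data, who reported) and the trend test in the answer above can be computed from a campaign's raw event log. The following is an added example written for this article, not code from any provider named on the page. The log format (campaign,recipient,event), the campaign names and the event records are assumptions constructed for the example; recipients are opaque IDs so the aggregate output never names a person, in keeping with the anonymity point in the first FAQ answer.

```python
"""Aggregate simulated-phishing events into click/report metrics and check
the awareness trend across campaigns. Added example; log format assumed."""
from collections import defaultdict

# Constructed sample log (not real campaign data): campaign,recipient,event.
# u004 in 2025-Q1 both clicked and reported, which is worth counting separately.
SAMPLE_EVENTS = """\
2025-Q1,u001,delivered
2025-Q1,u001,opened
2025-Q1,u001,clicked
2025-Q1,u001,submitted
2025-Q1,u002,delivered
2025-Q1,u002,opened
2025-Q1,u002,clicked
2025-Q1,u003,delivered
2025-Q1,u003,opened
2025-Q1,u003,reported
2025-Q1,u004,delivered
2025-Q1,u004,opened
2025-Q1,u004,clicked
2025-Q1,u004,reported
2025-Q2,u001,delivered
2025-Q2,u001,opened
2025-Q2,u001,reported
2025-Q2,u002,delivered
2025-Q2,u002,opened
2025-Q2,u002,clicked
2025-Q2,u003,delivered
2025-Q2,u003,reported
2025-Q2,u004,delivered
2025-Q2,u004,opened
2025-Q2,u004,reported
2025-Q2,u005,delivered
"""

STAGES = ("delivered", "opened", "clicked", "submitted", "reported")
RATED = ("opened", "clicked", "submitted", "reported")


def parse_events(text):
    """Return {campaign: {recipient: set(events)}}; repeated events deduplicate."""
    campaigns = defaultdict(lambda: defaultdict(set))
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = [p.strip() for p in line.split(",")]
        if len(parts) != 3:
            raise ValueError(f"line {lineno}: expected campaign,recipient,event")
        campaign, recipient, event = parts
        if event not in STAGES:
            raise ValueError(f"line {lineno}: unknown event {event!r}")
        campaigns[campaign][recipient].add(event)
    return campaigns


def summarise(campaigns):
    """Per-campaign count of unique recipients at each stage, plus rates.
    Rates use delivered as the denominator; a campaign with nothing delivered
    gets counts only, rather than a division by zero."""
    summary = {}
    for campaign in sorted(campaigns):
        people = campaigns[campaign].values()
        counts = {stage: sum(stage in ev for ev in people) for stage in STAGES}
        counts["clicked_then_reported"] = sum({"clicked", "reported"} <= ev for ev in people)
        delivered = counts["delivered"]
        rates = {f"{s}_rate": counts[s] / delivered for s in RATED} if delivered else {}
        summary[campaign] = {**counts, **rates}
    return summary


def awareness_trend(summary):
    """Compare consecutive campaigns (ordered by label, so labels must sort
    chronologically). 'improving' requires both a lower click rate and a
    higher report rate, the test the FAQ gives; one without the other is 'mixed'."""
    ordered = [c for c in sorted(summary) if "clicked_rate" in summary[c]]
    verdicts = []
    for prev, cur in zip(ordered, ordered[1:]):
        p, c = summary[prev], summary[cur]
        if c["clicked_rate"] < p["clicked_rate"] and c["reported_rate"] > p["reported_rate"]:
            verdict = "improving"
        elif c["clicked_rate"] > p["clicked_rate"] and c["reported_rate"] < p["reported_rate"]:
            verdict = "regressing"
        else:
            verdict = "mixed"
        verdicts.append((prev, cur, verdict))
    return verdicts


if __name__ == "__main__":
    summary = summarise(parse_events(SAMPLE_EVENTS))
    for campaign, m in summary.items():
        print(campaign, {k: (round(v, 2) if isinstance(v, float) else v) for k, v in m.items()})
    for prev, cur, verdict in awareness_trend(summary):
        print(f"{prev} -> {cur}: {verdict}")
```

Counting unique recipients per stage, rather than raw events, stops one person who clicked three times from inflating the click rate, and the separate `clicked_then_reported` figure distinguishes staff who fell for the lure and then raised the alarm from those who clicked and said nothing.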