Physical Pen Testing

images

Physical Penetration Testing

DPH Security Consultancy understands the true strength and effectiveness of physical security controls in data centres, offices, substations, critical infrastructure and more.

Overview

DPH Security Consultancy works with a number of ex-SAS personnel who specialise in conducting thorough Physical Penetration Testing techniques in some of the most highly secure areas. As a leading independent security consultancy, DPH Security Consultancy can offer access and oversight in providing these specialist testing techniques.

The test provided by DPH Security Consultancy is an attack simulation which is carried out by highly trained ex-SAS personnel in an effort to:

  1. Identify physical security control flaws present in the environment
  2. Understand the level of real-world risk for your organisation
  3. Help address and fix identified physical security flaws

Security physical penetration testers have experience in infiltrating some of the most secure environments the same way unwanted visitors would. They leverage this experience to home in on critical issues and provide actionable remediation guidance.

The primary objective for a physical penetration test is to measure the strength of existing physical security controls and uncover their weaknesses before bad actors are able to discover and exploit them. Physical penetration testing, or physical intrusion testing, will reveal real-world opportunities for malicious insiders or ‘bad actors’ to be able to compromise physical barriers (ie: locks, sensors, cameras, mantraps) in such a way that allows for unauthorised physical access to sensitive areas leading up to data breaches and system/network compromise.

 

chart-new-phys-1024x415

Approach

The Physical Penetration Service will include a comprehensive, risk-based approach to manually identify critical application-centric vulnerabilities that exist on all in-scope applications.

  •  Information Gathering
  • Threat Modelling
  • Vulnerability Analysis
  • Exploitation
  • Post-Exploitation
  • Reporting

Tools

In order to perform a comprehensive real-world assessment, specialist ex-SAS teams will utilise commercial tools, internally developed tools and the same tools ‘bad actors’ might use on each and every assessment. Once again, the intent is to assess systems by simulating a real-world attack and leverage the many tools at our disposal to effectively carry out that task.

Reporting

The reporting phase marks the beginning of what is hoped to be the beginning of a very positive relationship. DPH Security Consultancy strives to provide the very best possible customer experience and service and as a result, the report makes up only a small part of the full spectrum of deliverables. This unique and very specialised service will provide clients with the necessary information to close any identified vulnerabilities following the reporting phase.

DPH Security Consultancy is determined to not only find vulnerabilities, but also to fix them.

 

Promoted by Derek Horne on behalf of DPH Security Consultancy Ltd, both at Dane John Works, Gordon Road, Canterbury, Kent, United Kingdom, CT1 3PP
Copyright 2018 © DPH Security Consultancy Ltd. All rights reserved.