Physical Site Assessments

Could an attacker gain physical access to your facility or data center? We use advanced social engineering techniques to put your physical security controls to the test.

Objectives

  • Assess the risk of an outside threat actor attempting to gain physical access to a facility, building, or data center.
  • Understand current physical security processes and procedures and improve upon any weaknesses identified.

Outcomes

  • Detailed report including observations, impact and recommendations along with the timeline for attempting to gain physical access to the identified locations.
  • Identification of weaknesses in physical security protocols and defenses.

SRA Advantages

  • SRA regularly conducts physical security assessments for Fortune 100 and 500 companies that includes data centers, office, and special purpose buildings
  • We perform basic and advanced bypasses such as badge cloning, biometric bypasses, advanced reconnaissance and drone attack simulations.

High Level Activities

Reconnaissance

  • Conduct OSINT activities of the target site, employees, facilities, and related entities to determine potential paths to entry
  • Visit site and conduct necessary social engineering ahead of testing day to confirm OSINT and assumptions
  • Create execution gameplan(s)

Physical Testing

  • Confirm “get out of jail” letter and contacts / trusted agents for testing
  • Execute gameplan(s) to gain access to the site and facility
  • Conduct network reconnaissance activities on the internal network

Reporting

  • Discuss results immediately with designated trusted agents
  • Create report outlining the timeline of our activities, including photo and video evidence, impact and recommendations for improvement