The primary objective for a physical penetration test is to measure the strength of existing physical security controls and uncover their weaknesses before criminals are able to discover and exploit them.

 

Physical penetration testing, or physical intrusion testing, will reveal real-world opportunities for malicious insiders or criminals to be able to compromise physical barriers (ie: locks, sensors, cameras, mantraps)  in such a way that allows for unauthorised physical access to sensitive areas leading up to data breaches and system/network compromise.

​

This type of test is an attack simulation carried out by our highly trained security consultants in an effort to:

​

• Identify physical security control flaws present in the environment

• Understand the level of real-world risk for your organization

• Help address and fix identified physical security flaws

• ​

Keo's physical penetration testers have experience infiltrating some of the most secure environments the same way criminals would. They leverage this experience, enabling a client  to zero in on critical issues while Keo provide actionable remediation guidance.

​

Approach

​

Keo's penetration testing service utilises a comprehensive, risk-based approach to manually identify critical application-centric vulnerabilities that exist on all in-scope applications.

​

1. Information gathering
2. Threat modeling
3. Vulnerability analysis
4. Exploitation
5. Post-Exploitation
6. Reporting

​

Using this industry-standard approach, Keo's comprehensive methods includes, but not limited to: Passive Reconnaissance, Open Source Intelligence (OSINT), Active Reconnaissance (drones, onsite covert observation), Vulnerability Identification, Exploitation, Post-Exploitation and more.

​

Tools

​

In order to perform a comprehensive real-world assessment, Keo utilises commercial tools, internally developed tools and the same tools that criminals might use on each and every assessment. Once again, our intent is to assess systems by simulating a real-world attack and we leverage the many tools at our disposal to effectively carry out that task.

​

Reporting

We consider the reporting phase to mark the beginning of our relationship. Keo strives to provide the best possible customer experience and service. As a result, our report makes up only a small part of our deliverable. We exist to not only find vulnerabilities, but also to fix them.