Physical Security Assessment
The first step in securing your organization is knowing exactly where you stand when it comes to your physical security exposure: the most neglected and compliance-driven part of cyber security.
A Physical Security Assessment evaluates every potential attack surface that a threat actor might target to conduct sabotage or exploit weaknesses in your organization’s physical security that might have a profound impact on your cyber security.
The assessment identifies vulnerable entry points that might allow an attacker to reach sensitive locations or might lead to the compromise of networks and devices. By conducting an in-depth review of points of entry, access control, and on-site protocols and technology, along with selected penetration testing, a maturity overview is generated along with a detailed action plan.
Hacker Minded provides best-practice recommendations, empowering you to mitigate these risks at their source and strengthen your overall physical security posture.
Overview & Methods
Obtain an attacker's overview on where the real weaknesses and entry points might be for your organisation.
01 Physical/Technical Bypass
Find out if your processes allow for the exploitation of human weaknesses rather than technical vulnerabilities.
02 Social Engineering
Test the sum of all your controls and see how susceptible you are to a number of hybrid attack and penetration testing scenarios e.g. intrusion, exfiltration, etc - and whether your detection and response aligns with your security policy and expectations.
03 Penetration Testing
Process
This phase entails gathering all relevant information about the locations, partners, suppliers and critical functions. Based on the gathered information, relevant attack scenarios are written out along with the testing methodologies to be used.
Planning & Scenario Building
1
Once initial access has been established through penetration testing scenarios or de-chaining: assess and document the detection and response against an intruder's lateral movement with the potential for theft of sensitive information, compromise, rogue device placement or insider threat actions. Documentation of response of all relevant controls and suppliers.
Lateral Movement, Post-Exploitation & Documentation
3
Attempt to physically enter the target locations or areas by exploiting identified weaknesses using the agreed upon techniques e.g. pre-texting and diversion, social engineering, tailgating, lockpicking, electronic intrusion methods and access control bypass techniques.
Initial Access
2
Consolidation of all findings, including successful and unsuccesful entry and lateral movement methods, weaknesses and response observed. Reporting and debrief phase with stakeholders and partners to explain the findings and agree on a remediation plan.
Debrief & Remediation
4
Why Hacker Minded?
With over two decades of international cyber security know-how and experience, Hacker Minded ensures a personalised approach and delivery that focusses on your business and its unique requirements, business sector and risk situation.
→ Professional Security Test Planning
→ Professional Mgmt of Penetration Testing
→ Security For All In The Modern Workplace