Physical security. Tested on site.
The best firewall in the world cannot stop an attacker who walks through your front door. Our certified testers assess your physical access controls, staff security behaviours, and on-site security procedures to identify the gaps that put your people, data, and assets at risk.
Every physical security control. Assessed in person.
Our physical security testing covers the full range of on-site attack techniques used by real-world threat actors and insider threats.
Access Control Testing
Assessment of physical access controls including door locks, key card systems, PIN pads, and biometric readers to identify weaknesses that could allow unauthorised entry.
Tailgating and Piggybacking
Real-world testing of whether staff challenge unknown individuals attempting to follow authorised personnel through secure access points.
Secure Disposal Assessment
Review of document and device disposal practices including dumpster diving assessments to identify sensitive information discarded without proper destruction.
CCTV and Surveillance Review
Assessment of CCTV coverage, blind spots, recording retention, and access to surveillance systems to identify gaps in physical monitoring.
Unattended Device Testing
Testing of whether unattended workstations, laptops, and devices are properly secured, locked, and protected from physical access by unauthorised individuals.
Rogue Device Placement
Assessment of whether unauthorised network devices such as rogue access points or keyloggers could be physically installed in your premises without detection.
A structured assessment. Actionable findings.
Every physical security test follows a rigorous process. You know exactly what we are doing, when we are doing it, and what you will receive at the end.
Scoping and Rules of Engagement
We agree the target premises, testing window, and any areas or systems that are out of scope. A signed rules of engagement document protects both parties.
Reconnaissance
Passive reconnaissance of the target premises including open-source intelligence gathering, site observation, and identification of access points and security controls.
Physical Intrusion Attempts
Controlled attempts to bypass physical access controls, tailgate through secure doors, and access restricted areas using social engineering and technical bypass techniques.
Internal Assessment
Once access is gained, we assess what an attacker could do inside your premises including accessing unattended devices, planting rogue hardware, and extracting sensitive information.
Reporting and Risk Rating
A clear report with executive summary, physical security findings, risk ratings, photographic evidence, and prioritised remediation recommendations.
Remediation Support
We remain available to advise on remediation and can conduct a follow-up visit to verify that physical security improvements have been implemented effectively.
How we have helped UK businesses stay secure.
Financial Services Office
A UK financial services firm needed physical security testing as part of their ISO 27001 certification process, covering their London and Manchester offices.
Tailgating vulnerability identified at both sites. Access control procedures updated. ISO 27001 certification achieved.
Data Centre Operator
A UK colocation provider needed physical security testing to demonstrate assurance to enterprise clients and satisfy their SOC 2 audit requirements.
Clean physical security assessment delivered. SOC 2 audit passed. Three enterprise client contracts retained.
Healthcare Facility
A private healthcare provider needed physical security testing to confirm that patient records and clinical systems were protected from unauthorised physical access.
Two access control weaknesses resolved. Secure disposal procedures updated. CQC inspection passed.
Get a physical security assessment quote in 24 hours.
Tell us about your premises and we will come back with a fixed-price quote, a proposed timeline, and a clear scope document. No obligation.