Your Perimeter Has Gaps.
We Find Them First.

Physical security testing is an authorised assessment in which trained security professionals attempt to gain unauthorised physical access to your facilities, restricted areas, and sensitive assets using the same techniques real attackers employ — tailgating, impersonation, access control bypass, and lock picking. The goal is to identify gaps in your physical defences before a malicious insider, contractor, or external attacker exploits them.

A typical engagement includes reconnaissance of the facility (OSINT, open-source imagery, publicly available floor plans), followed by on-site testing of entry points, access controls, visitor management, CCTV coverage, employee behaviour, secure areas, and document/device security. Testers document every attempt — successful or not — with photographic evidence, timestamps, and detailed observations for the final report.

All physical testing is governed by a signed rules of engagement document defining the scope, permitted techniques, out-of-bounds areas, and an emergency stop procedure. Testers carry authorisation letters from senior management throughout the engagement. Techniques are designed to demonstrate access without disrupting operations — for example, photographing a server rack to prove access without touching equipment. A dedicated white cell contact is available at all times.

Tailgating (also called piggybacking) is when an unauthorised person follows an authorised employee through a secured entry point without swiping a badge or passing authentication. It is one of the most common and effective physical intrusion techniques because most employees are reluctant to challenge or confront an apparent colleague. Our testing measures actual tailgating success rates at every controlled entry point and identifies which locations and times are most vulnerable.

Yes. Our surveillance assessment maps camera placement against actual movement paths through the facility to identify coverage gaps — areas where an attacker can move without being captured on camera. We also evaluate recording quality, footage retention periods, real-time monitoring effectiveness, and how quickly security staff respond to on-screen events. Many organisations discover significant blind spots in their server rooms, car parks, and loading bays.

Physical security controls and testing are mandated by PCI DSS (Requirement 9 — restrict physical access to cardholder data), HIPAA (§164.310 Physical Safeguards), ISO 27001 (A.11 Physical and Environmental Security), SOC 2 (CC6.4 physical access controls), and NIST SP 800-53 (PE-3 Physical Access Control). Our reports include framework-specific mapping appendices for each standard to simplify auditor submission.

A single-site assessment typically takes one to three days of on-site testing, followed by two to three days of report writing and evidence compilation. Multi-site assessments are scoped per number of locations and required test depth. We can run assessments across business hours, out-of-hours, or a mix of both to capture security posture at different times when staffing levels and vigilance differ significantly.

The report includes an executive summary with a risk-rated overview of physical security posture, a full technical section with timestamped scenario narratives, photographic evidence of every successful and attempted breach, a CCTV coverage heatmap, access control test results per entry point, and a prioritised remediation plan covering hardware upgrades, procedural changes, and employee awareness recommendations. A follow-up re-test attestation is available once critical findings are addressed.