BackServices/ Physical Security Test

Physical Security Test

We see physical security as an elementary part of corporate security. Here, information technology is making inroads alongside traditional physical issues. A modernization of physical security seems overdue. 

We are passionate legal burglars and look forward to putting your systems to the test or to analyse your building plans and installed structural measures for possible physical access with you in a structured step-by-step manner.

Physical Security Walkthrough
In this assessment, we walk through your premises with you and determine both theoretical and practical burglary risks. If desired, especially non-destructive techniques can be tested together in person during the inspection in order to receive direct feedback on the probability of implementation. Which points are going to be analysed together is determined by you based on your own risk assessment, or can be based on the results from previous analyses of the building plans as well as theoretical physical attack scenarios that we determine during the project.

Physical Security Penetration Test
In this assessment, the possibility of physical access is tested in practice. The scope is defined in advance. Then the testers determine how they will achieve the set goals based on their experience. In traditional penetration testing, the scope can span from testing the technical weaknesses of the entire physical structure of the company to very specific assessments of individual devices, such as isolation locks.

Test of Video Surveillance, Alarms and Access Control
When you are implementing a new system or introducing these parts of your corporate security in your risk management, you will need an assessment of the risks in these subject areas. With this assessment, we support you in determining the theoretical and practical risks, starting with process flows and going on to hacking of devices and networks, such as access card systems and alarm systems.

Physical Red Teaming
When it comes to physical access to companies, a balanced interaction of physical security measures with those of the security awareness of employees and detection and reaction options of the security team is essential. With physical red teaming, we coordinate the scope and restrictions with you, create targeted attack plans and carry out attack simulations in which we actively infiltrate your company and not only test the physical security, but also the detection and reaction to our intrusion attempts.

We visit DefCon 31

We were very happy to visit DEFCON in Las Vegas, NV, USA in August 2023 for the first time! DEFCON is an annual event which attracts up 30,000 attendees interested in the fields of Physical Secur...

Read more

Welcome to our new team members

Our team has grown and we are happy to welcome three new employees to our pentesting team. With their help, it is easier for us to respond to the many project requests we’ve had and we hope to be able...

Read more

Thomas at Treasury on Tour in Cologne

Treasury on Tour is an event by Schwabe, Ley & Greiner to bring together the leading heads of treasury with high-grade lectures, discussions and the possibility to network. HACKNER Security Intell...

Read more

See all news

References & Case Studies


On-Site Physical Security Review


An energy company already had a zone concept for the entire system and wanted to have this concept checked through a physical inspection. Critical areas should be particularly secured. There were already existing isolation gates at the entrance, also considering trucks.

Our inspection revealed that the isolation gates could be bypassed at the right places, allowing attackers direct access to the company premises. Access doors could also be opened with a door hinge or opening pin. We recommended further structural measures to secure the site and replacing the access doors with burglary-resistant doors.


Attack Preparation Through Public Floor Plan


The room plans of an educational institution were publicly visible, which meant that critical rooms, such as server, heating or archive rooms, could be identified for the physical security penetration test.

On site, the rooms described were usually not locked and could be opened in a short time using simple means. Access to the server room was not possible, but access to the heating control and rooms with important documents was possible.

Our recommendation was to apply similar security measures as for the server and to design the public space plans according to a need-to-know principle.


Building Access Through Alternative Access Routes


The task was to gain access to a large office building with reception desk. In preparation, a building plan from the architect with the exact rooms for the first two floors could be found on the Internet.

Five entrances and paths could be identified from the plan, allowing the reception desk to be bypassed. Most of these entrances were closed, but not locked, and could be opened with simple means.