Active Audit Agency

т: +38(044) 228-15-88

e-mail: info@auditagency.com.ua

Physical Penetration Testing(PPT)

What is it?

Physical Penetration Testing is a modelling of attack against physical security (on facilities, server rooms, communication channels)of your company.

The main purpose - to penetrate on your company site and gain access to its assets (including information systems) in order to identify vulnerabilities and shortcomings till they will be used by evildoer.

An approach to this test is used from potential burglar perspective and assumes active exploitation of found breaches in physical security. At the same time the test is performed by highly qualified personnel in ethics borders agreed with the customer.

Any information regarding your security breaches are supplied together with potential business impact assessment to business (or process owner). Also we will provide the recommendations on vulnerabilities elimination.

Why do you need this?

Physical penetration test is one of the important activities within information security efforts in company. According to Information Security Status Survey 2010 about 25% all security incidents connected to confidentiality losses were occured because of physical stealing of the data carriers.

Due to tremendous growth of the notebooks and smartphones this tendency will continue, which makes physical penetration test more valuable and nesessary.

Physical Penetration Test will allow you to evaluate real security posture of your assets protection.

How is physical penetration test conducted?

Active audit agency performs physical penetration test using the foloowing stages:

  • Test planning:
    • Meeting with the customer
    • Main goals and scope of the test
  • Vulnerability identification - can be treated as reconaissance and consists of:
    • Collecting information about company security guard
    • Discovery of potential vulnerabilities
  • Attempts to exploit vulnerabilities (penetration to the tested site)
  • Creation and presentation of the report on found vulnerabilities and theirs elimination.
  • Elimination of found vulnerabilities and other breaches in physical information security.

After countermeasures are applied we may, by your request, conduct the test once again.

As a result of Physical Penetration Testing you will get a report on detailed tasks performed and all security breaches exploitation possibilities. Also it will contain recommendations to eliminate found vulnerabilities.