Physical Attack and Penetration

This assessment is an attempt to breach or circumvent the physical security measures in place at targeted locations.

Physical Attack and Penetration Assessments are designed to illustrate risk by finding and exploiting the vulnerabilities within an organization’s physical security controls. This assessment bridges physical and social attack vectors to determine the likelihood that unauthorized individuals may be able to access sensitive areas and information.


Many organizations expend significant resources in the defense of their facilities and personnel without ever testing the controls they put in place. Physical security vulnerabilities can expose your organization’s most precious resources to catastrophic risk, and are therefore deserving of evaluation in their own right. SecureState’s Physical Attack and Penetration subjects your organization’s physical security controls and procedures to a comprehensive, threat-representative test. This assessment exposes gaps and vulnerabilities that may jeopardize the effectiveness of the whole security program. Your Oorganization will s come away with a more refined understanding of their its exposures, and detailed recommendations for addressing any vulnerabilities in both the near and long term.


SecureState’s physical security team is comprised of highly qualified individuals with a range of backgrounds. Our team members have held positions in military intelligence, financial services security, security auditing, community emergency response, and beyond. Our professional experience and expertise includes threat intelligence, policy development, tactical operations planning, and national security policy.

This diverse team is brought together by its shared passion for security and desire to find solutions to our clients’ most pressing security challenges. Together, the team has leveraged its talents to build, implement, and test complex physical security programs for organizations across a range of industries and a multitude of environments. Some of the largest organizations within their respective industries have trusted the advice and recommendations of SecureState professionals in the design, implementation, management, and testing of their security architectures.

Our capabilities, along with our comprehensive knowledge of our clients’ missions, enable SecureState to build productive long-term relationships with our clients while crafting solutions appropriate to their needs.

Approach and Methodology

SecureState's approach to physical security testing follows industry accepted methodologies including OSSTMM and ASIS standards to obtain physical access to client facilities. SecureState begins Physical Attack and Penetration assessments by conducting an extensive search of open sources on the target organization and facilities. Information gathered through remote intelligence gathering is used to prioritize on-site reconnaissance efforts, develop plausible pretexts for social engineering attacks, and identify any special skills or equipment that may be required. Members of the attack team also conduct extensive reviews of the sites using satellite imagery and street-level photographs. Information gathered from this phase is used to determine potential avenues of approach, and blind spots, and prioritize areas for onsite reconnaissance.

Once in the vicinity of the target location or locationss, SecureState conducts additional onsite intelligence gathering. This includes covertly observing the target location for foot and vehicle traffic patterns, security patrols and rotations, access control systems, video surveillance, and other controls. Potential gaps and vulnerabilities are also noted at this stage. Based on this remote and onsite reconnaissance, SecureState develops several potential approaches spanning a variety of attack techniques. All approaches are non-destructive but may include lock picking or barrier bypass.

Once attack plans are developed, SecureState executes those with the highest probability of success. If an attempt leads to perimeter breach, SecureState attempts to penetrate further into the target facility to obtain access to sensitive areas or information, including any “trophy” data or locations identified by the client. SecureState documents the entire process to aid in the creation of detailed and impactful recommendation plans.

Get Started!