Physical Penetration Testing
Your firewall does not stop someone walking in
We attempt to enter your offices, reach your network, and plant a device, exactly as a real intruder would, so you find out what your physical security actually stops
Three days of planning. One day per location.
The cheapest way into your network is often the front door
Badges get tailgated, doors get propped open, and a confident stranger rarely gets questioned. Attackers know that physical access beats most digital defences, because once a rogue device is on the internal network, the perimeter is gone. We test whether that could happen to you. Our team attempts to gain access to your premises and plant a device on your network, then walks you through exactly how far we got, what worked, and what to fix.
What we test
Three ways we test whether your building holds
Can an outsider get past reception, locked doors, and access controls and move freely inside your offices?
Once inside, can we reach a live network port and connect a rogue device that gives an attacker a foothold?
Do your security controls work the way you believe they do, from badge policies to visitor handling to staff awareness?
How we work
From reconnaissance to a report you can act on
Plan
We agree on scope, objectives, and rules of engagement, and prepare the operation. Three days.
Engage
Our operators attempt to enter the premises and reach the network. One day per location.
Report
You get a clear account of what we attempted, what succeeded, and prioritised recommendations to close the gaps.
Who needs this
Organisations with valuable networks behind their walls
If network access means data access, the building is part of the attack surface.
- Rogue device testing
- Internal network exposure
Multi-location operations
Consistent security on paper rarely means consistent security across every site.
- Per-location testing
- Comparable results
Regulated and certified organisations
Physical security is part of ISO 27001, NIS2, and DORA expectations. Prove yours holds.
- Audit evidence
- Tested controls
Why Syndis
Certified. Experienced. Ready
What to know before we knock
Yes. Every engagement runs under a signed agreement with defined scope, rules of engagement, and an authorisation letter our operators carry at all times. Your designated contacts know the test is happening even when staff do not.
Find out before someone else does
Tell us about your locations. We come back with scope, rules of engagement, and a date.