Penetration Testing
Marengo conducts physical penetration tests on commercial sites, offices, and large residential houses to identify security vulnerabilities in their security plan.
What is Penetration Testing?
Penetration testing (or resilience testing) involves conducting a simulated attacks on premises, such as offices, houses, plants, and warehouses, to expose vulnerabilities in the security plan and areas for improvement. We then advise clients on appropriate security measures to implement to mitigate the associated security risks.
Our penetration testing simulates the actions of organised criminal groups and opportunistic threat actors who wish to breach a company’s physical security. Our team members assess the means, methods, likelihoods and impacts of range of possible attack scenarios, before designing security plans that will prevent such real-life attacks in the future.
Why choose Marengo for penetration testing?
There are many reasons why physical penetration testing may be required, including for new construction and renovations, to ensure compliance with regulations, or where there has been a security incident or system change. In addition, some clients require penetration testing during a merger and acquisition to ensure security measures are compatible with both companies.
Marengo Intelligence has a wealth of experience in this area. It can ensure that not only will your security improve, but the experience can serve as a training opportunity for staff members.
We offer tailor-made penetration testing against your locations, and this service is available internationally. We can advise you about the frequency of penetration testing; this will depend on the site, the industry, and the organisation’s specific requirements.
When you employ Marengo, you can have peace of mind knowing that current security systems and procedures have been robustly tested and evaluated by accredited security professionals.
What do we do during penetration testing?
There are usually a number of steps that take place during penetration testing. The process starts with reconnaissance, where our testers will gather as much information as possible about the target, including the location, layout of the facility, types of security and employee access. We can then develop a plan of attack.
During testing, we will aim to bypass physical controls, including fences, restricted access points and secured perimeters. Our operatives will also try to gain access without being caught on CCTV or video surveillance systems, or triggering alarms. We will attempt to identify weak locks and mechanical access controls, and exploit vulnerable low-frequency RFID access cards or keypad controls. Our team will use well-versed social engineering or physical manipulation methods to elude security personnel and employees.
Following each test, we issue a detailed written report documenting our findings, including all recommendations for improving security measures.