In my job as a security tester I often have the weird task of physical access penetration tests. That’s breaking into buildings for a living. So here I give a little introduction to what they are and some of the aims customers have when they procure a test of this nature. Whether it’s involves lock-picking or social engineering, it’s a weird job.
Red Teams are a romanticised part of security testing; and whilst red team engagements are usually amongst the most fun to deliver – but being fun to deliver doesn’t mean they’re always the most effective from a security point of view. A lot depends on the target organisation’s maturity, defensive capability, and engagement goals.