Drone (UAV) Security and Surveillance
  • Home
    • About
    • Privacy Impact and Data Security
    • UK Drone Legislation
    • Drone Operations FAQ
    • Download Library
    • BLOG
  • Drone Services
    • Drone Security Services
    • Drone Security at Night
    • K9 Drone Security
    • Residential Security Services
    • Drone Detection Services
  • Our Equipment
    • Security & Surveillance Drones
    • Rapid Deployment Security Drones
    • Drone Operations Support Unit (OSU)
  • Contact Airvis

Penetration Tests

​Penetration Testing: A physical penetration test is a non-invasive, comprehensive assessment of the physical measures and procedures in place at a facility/location.
 
The purpose of a physical penetration test is to audit the fortification and resilience of security measures on a site, verifying documentation and operating procedures and to identify weaknesses and vulnerabilities to such through exploitation in an auditable manner.
 
Evidence obtained through this process can help senior management implement mitigation to reduce the effect of incidents, lost time, negative publicity and accidents, ensuring profit protection through their loss prevention and health and safety strategies.
 
Penetration tests are carried out by the specialist services department and utilise a combination of experienced surveillance operatives and specific technology to aid the process. Such technology may include infrared and thermal imagery, Unmanned Aerial Systems (UAS), GPS tracking and parabolic microphones, to name a few. The recommended use of equipment will always be discussed and agreed with the client during the planning phases.
 
During operational planning, we will liaise with the local relevant emergency services and ensure that the plans and objectives are logged against relevant databases. Prior to starting and on completion of the test, the relevant agencies will be informed to ensure that unnecessary resource is not directed to the site, in response of the test.
 
The penetration test can be embedded into a full threat-risk assessment or as a standalone task. A Threat-Risk Assessment (TRA) is a comprehensive report compiled to assess and identify specific security weaknesses in structure, design, manning, contractors, suppliers, geographical siting and IT systems which could be exploited to have an impact on the likelihood of a threat against the client or its business.

Penetration tests are divided into two categories; Cyber and Physical. Within each category are sub sections as follows:

Picture
Picture
Picture

A penetration test will audit the fortification and security posture of a site, measuring and stress testing the mitigation in situ, such as:

  • CCTV
  • lighting
  • streetscape
  • access control
  • manned presence
  • processes and procedures
  • documentation
  • standards, deportment and expectation
  • control of sensitive information
  • any other factor bolstering the security resilience.
Vulnerabilities are exposed through physical auditing, therefore providing opportunity to indorse change before the exposure is exploited by an adversary.
 
Evidence obtained through this process can help senior management implement mitigation to reduce the effect of incidents, lost time, negative publicity and accidents, ensuring profit protection through their loss prevention and health and safety strategies. 

The Process

Picture

Methodology

Picture

Passive Reconnaissance

Picture
​Passive Reconnaissance is the collation of data regarding the target, available through the use of public tools such as Google Earth. The purpose is to build a picture of the environment and demographical region around the site.

Open Source Intelligence (OSINT)

Picture
​Open Source Intelligence gathers intelligence about the target, its people and specifics about the environment. Utilising a different set of public tools, such as social networks, job boards, etc. This process provides specific information on the target and its operations.

Active Reconnaissance

Picture
​Active Reconnaissance is the gathering of intelligence remotely, generally this includes telephoning, emailing or otherwise directly querying target staff or vendors of the target to exploit information not available through passive means. 

Covert Observation

Picture
​Covert observation includes gathering intelligence of the target up close in an effort to identify physical security controls and monitoring staff and/or contractors. This process generally uses technical support such as cameras, GPS trackers, Small Unmanned Surveillance Aircraft (SUSA) etc. 

Infiltration Planning

Picture
​Information gleaned from the above will begin to coalesce. Vulnerabilities, exit points, entrance points, cameras, guards, fences, company technology, staff members and other relevant information are used to commence this planning phase.

Pretexting

Picture
​On approval of the infiltration plans, pretexting is initiated. This involves progressing the plan into action and ensuring the team’s equipment, transportation and personnel are briefed, task specifically trained and ready to deploy.

Infiltration, Exploitation and Post-Expolitation

Picture
​During these phases, the team carries out the plan by exploiting exposed vulnerabilities (using information and intelligence previously captured). Exploitation involves penetrating further into the environment and setting up to maintain a persistent vulnerability. Examples of this may be through social engineering or technical surveillance measures (clandestine recording devices).

Contact us for more Information or to Discuss a Penetration Test

CONTACT US

Drone Security & Surveillance

Drone Security Services
Drone Security at Night
K9 Drone Security Services
Residential Security Services 
Drone Detection Services

INformation ​

About
Our Operations Process
Privacy and Data Control
UK Drone Legislation
​​Drone Operations FAQ
Blog 

Our Security Drones 

Security & Surveillance Drones
​Rapid Deployment Security Drones
​Drone Operations Support Unit (OSU)

contact Details 

Contact Airvis
Tel: 0161 669 6291
Email: info@airvis.co.uk

 Website Privacy Policy  Data Protection Statement. 
Airvis Ltd , International House , 61 Mosley Street, M2 3HZ, United Kingdom. Registered in England and Wales 9475054
  • Home
    • About
    • Privacy Impact and Data Security
    • UK Drone Legislation
    • Drone Operations FAQ
    • Download Library
    • BLOG
  • Drone Services
    • Drone Security Services
    • Drone Security at Night
    • K9 Drone Security
    • Residential Security Services
    • Drone Detection Services
  • Our Equipment
    • Security & Surveillance Drones
    • Rapid Deployment Security Drones
    • Drone Operations Support Unit (OSU)
  • Contact Airvis