Could an attacker physically gain access to your office and attack your network from inside? Could they gather sensitive information from employee desks or conference rooms? Could they gain access to your server room? A physical penetration test is designed to answer all of these questions over the course of roughly 3 days onsite at your facility. Before we dive into physical penetration test cost, it’s good to understand what engineers are doing during this time spent onsite. It usually starts with engineers scouting the facility, including looking for things such as:
- How long do doors take to close?
- What time do employees arrive and leave?
- Is there a cleaning crew, and if so what is their routine?
- What’s the layout of the facility, including ingress/egress locations?
- Any other information that may lead to them gaining access to the facility.
They will then use this information to physically try to break into your organization (check out our blog on the top 3 ways someone might gain access). Once the assigned attack team does gain access, they will search for sensitive information, try to gain access to server rooms, and try to connect to the network and elevate permissions, all without being caught. Once you decide that this is a good test for your company and your employees, the next question is how much does this kind of thing cost? This blog will explore physical penetration test cost and the factors that drive the price.
So How Much Does A Physical Penetration Test Cost?
A physical penetration test of one office location typically costs $4,800. The test will take approximately three days, one day for surveillance and two days to try to gain access to the facility. This cost does not account for travel expenses as those are billed separately, unless you are in the Charlotte, NC area.
What Factors Into Physical Penetration Test Cost?
The cost of a physical penetration test may fluctuate based on many factors. Although this list is not comprehensive, these are the primary factors that can influence the cost:
- Number of Sites – This is obviously the biggest physical penetration test cost factor. For each site that we test, we will need a day to perform reconnaissance and two days to attempt to gain entry. If the sites are located near each other there are some efficiencies and some phases can be combined. However, it will still add some time to complete the test.
- Travel – Although this is billed separately, this is something to consider when evaluating physical penetration test cost. As it is one of the few forms of penetration testing that absolutely requires onsite travel, cost can be different depending on where you are located. Our engineers follow a strict travel policy, and we try to ensure that we keep your costs to a minimum, but it is something to consider.
- Testing Windows – In some cases, clients want us to restrict our testing to only certain time windows. For example, we have a major client onsite from 11-4pm, so please don’t break in around that time. While we will do everything we can to accommodate your organization, it may require us to extend the test for another day, which will increase the cost.
Ready to get started? Contact us today for a detailed quote tailored to your organization!