Risk Management:
Security Penetration Testing

The Red Cell security penetration testing service is the highest level of physical and technical analysis of your security profile and is designed for large installations or establishments that contain high value assets. This specialist service is the only effective way to accurately confirm effective security of assets from human adversary actions, before a real event occurs. It is also the definitive third party security audit. The service is delivered through a carefully planned covert exercise format that follows a number of threat scenarios developed in close consultation with your organisation.

Red Cell work closely with you to conduct an initial Threat Vulnerability Assessment to identify potential human adversary groups and their likely targets; the key assets and areas of catastrophic failure within the establishment.  An exercise programme is then constructed and agreed with you to test key vulnerabilities that have been identified. Red cell operatives will then use various covert and overt breaching methods to gain entry to identified targets. On completion of the exercise, a debrief and comprehensive after action report is written to highlight any deficiencies in security, along with recommendations for cost effective physical and procedural measures to put in place to improve overall security.

Our unbiased and highly regarded security experts will become part of your team; the eyes and ears of your company to give you the ‘ground truth’ concerning your actual security profile. No other security organisation can offer you this level of expertise or detailed report and prioritised action plan.

Case History

Members of Red Cell were tasked to conduct a penetration exercise against a major oil refinery on the UK mainland.  During a 48 hour planning phase, plans were drawn up identifying various options to defeat the integrated alarm and intruder detection system, via a number of adversary attack routes. 

During the exercise, the facility was successfully breached by Red Cell teams who gained entry to all primary targets.  Dummy charges were positioned at key locations and notionally initiated, thus completing the mission. 

The subsequent report found that whilst the existing intruder detection and alarm assessment was fully effective, the delay and response to the attack was insufficient.  Red Cell recommended a number of key procedural improvements to reduce the reaction time of the response. 

The effect was that the adversary routes identified by Red Cell were no longer a viable option for intruders, which made a significant improvement to site security.