All sessions
Conference SessionBeginner60 min

Anatomy of a Physical Penetration Test: Recon to Remediation

Physical pentests should produce more than war stories. Physical penetration testing remains one of the most misunderstood and inconsistently executed disciplines in offensive security. In "Anatomy of a Physical Penetration Test: Recon to Remediation", Ken Smith maps the problem to a repeatable path from recon and pretexting to evidence, reporting, and remediation, so the path from concern to action feels more concrete.

About This Session

Physical penetration testing remains one of the most misunderstood and inconsistently executed disciplines in offensive security. While mature frameworks exist for network and application testing, physical engagements are too often treated as improvisational exercises: poorly documented, difficult to reproduce, and resulting in deliverables that read more like war stories than actionable intelligence.

This talk walks through the complete lifecycle of a physical penetration test using a composite case study drawn from real-world enterprise engagements. From scoping and passive reconnaissance through pretext development, on-site execution, real-time documentation, and final reporting, each phase is examined through the lens of a structured, repeatable methodology.

Attendees will see how planning decisions directly impact operational success, why real-time capture of findings is critical to report fidelity, and where most teams lose the thread between field discoveries and final deliverables. The talk addresses common challenges including managing OPSEC during documentation, coordinating between field operators and remote command elements, and translating physical access findings into business risk language.

Whether you're an operator sharpening your tradecraft, a security leader evaluating testing vendors, or a consultant elevating engagement quality, this session provides a practical blueprint.