Choose the level of validation that fits your environment.
CM-SEC offers a staged approach, from foundational passive review through full-scope authorized testing. Each tier is designed to expand visibility, validate controls, and help organizations understand where real-world weaknesses may exist.
Baseline Review
A lower-friction starting point focused on passive discovery, visible weaknesses, and foundational exposure.
- Deep passive OSINT scan
- General security walkthroughs for common weaknesses
- Unsecured workstation and exposed-credential observations
- Poor desk practices and visible information exposure review
- Reception and visitor-process observations
- Challenge-culture observations
- Basic perimeter and entry-point review
Best suited to organizations that want a strong baseline without moving into active testing yet.
Expanded Validation
A broader, controlled assessment that moves from passive review into authorized active validation across people, process, perimeter, and technical visibility.
- Everything in Tier 1 (Baseline Review)
- Controlled social engineering scenarios
- Access-control and visitor-process testing
- Tailgating and piggybacking exposure testing
- After-hours / nighttime review
- Voice security / vishing-style testing
- Wi-Fi / Bluetooth / RF awareness survey
- Basic device / signal identification around the facility
- Authorized active network discovery and mapping
- Device visibility and detection checks
- Network perimeter device plug-in testing
- USB / device connection alert validation
- Detection review for common physical-to-technical events
Best suited to organizations that want realistic validation of whether staff, workflows, and connected security controls are actually seeing and responding to activity the way leadership expects.
Full Scope Assessment
A comprehensive authorized engagement designed to test how a believable outsider could move from public exposure and human trust into physical access, technical opportunity, and deeper detection and response validation.
- Everything in Tier 2 (Expanded Validation)
- Multi-path physical penetration testing
- Coordinated social engineering and vishing
- Perimeter and after-hours adversarial testing
- Expanded active network discovery and mapping
- Deeper network perimeter device plug-in validation
- Deeper USB / endpoint alert validation
- Detection and response assessment for suspicious activity tied to physical compromise
- Alert logic review and tuning support for common endpoint / network events
- Physical-to-technical follow-on validation
- Optional drone / UAS exposure review
- Executive debrief and remediation-focused retest planning
Best suited to organizations that want the closest thing to a real-world, full-scope validation of whether physical security, people, workflows, visibility, and detection controls hold up under pressure.
Custom Engagements
The service tiers above are designed to provide a clear starting point, but real environments rarely fit into a fixed template. CM-SEC can scope specialized testing around your facility layout, staffing model, access workflows, operating hours, technical visibility, and security concerns. That means engagements can be adjusted to focus on the exact areas that matter most.
General Packages
Structured tiers provide a clean way to begin with baseline review, expanded validation, or full-scope assessment. They are built to simplify planning and help organizations choose a starting level of effort.
Tailored Testing
Engagements can be customized for specific concerns such as visitor handling, challenge culture, after-hours posture, wireless / RF exposure, OSINT-driven targeting risk, physical-to-technical pathways, detection validation, or other site-specific priorities.
