Our Services

Close Access Cyber Operations

Physical proximity enables cyber effects that remote operations cannot reach. Four tiers of close access capability, white-labeled under your brand, with compliance-ready deliverables for your client's audit.

Sigress delivers physical penetration testing, wireless security assessment, and red team operations as a white-label capability for cybersecurity firms. Every engagement produces compliance-mapped findings for PCI DSS, HIPAA, SOC 2, ISO 27001, CMMC, and NIST RMF.

FOOTPRINT

Site Intelligence & Targeting

Remote and on-site reconnaissance and physical security assessment to identify attack vectors before anyone touches a door.

LOE: 3-5 daysBest for: Gap analysis, engagement scoping
  • OSINT collection and third-party access mapping
  • Pattern-of-life observation and shift analysis
  • Security system and access control identification
  • Perimeter assessment and RF environment survey
  • Proximal attack surface mapping (systems exploitable from adjacent spaces, parking areas, or public zones without building entry)

THRESHOLD

Physical Penetration Test

Hands-on physical penetration testing and close-proximity exploitation, from badge cloning and lock bypass to wireless attacks conducted without entering the building.

LOE: 1-2 weeksBest for: Compliance-driven annual testing
  • Social engineering and pretext development
  • Access control exploitation and RFID cloning
  • Lock and barrier bypass techniques
  • Close-proximity wireless exploitation and IoT device exposure
  • Cyber hygiene inspection (unlocked workstations, exposed credentials, unsecured media)
  • Compliance-mapped findings (PCI, HIPAA, SOC 2, ISO, NIST RMF, CMMC)

STRONGHOLD

Objective-Based Red Team Operation

Full-spectrum red team operations combining close access cyber techniques against high-value targets with kill-chain reporting from approach to objective.

LOE: 2-4 weeksBest for: Mature programs, joint cyber-physical ops
  • Network infrastructure targeting
  • Exploitation implant placement and handoff, or simulated placement where live implantation is outside ROE
  • Implantless close access exploitation (wireless credential harvesting, Bluetooth compromise, RF interception)
  • Persistence testing and multi-path access establishment
  • Off-cycle operations (nights, weekends, holidays)
  • Multi-framework compliance mapping

CADENCE

Continuous Assessment Program

Continuous penetration testing program with quarterly on-site assessments, remediation validation, and annual security posture reporting.

LOE: Annual retainerBest for: Ongoing compliance and audit support
  • Rotating quarterly assessments with varied vectors
  • Remediation validation and re-testing
  • Social engineering benchmarking over time
  • Close access threat updates (new proximal techniques incorporated each cycle)
  • New facility assessments and ongoing advisory

How We Work

Invisible to your client.

1

Partner Scoping

Your cybersecurity firm brings us in early. We help define the close access scope, ROE, and compliance mapping.

2

Reconnaissance

OSINT collection, site observation, access control identification, and targeting package development.

3

Execution

We operate under your brand, your ROE, and your communication protocols. From inside the building or from the parking lot, the client sees your name only.

4

Deliverables

Compliance-mapped finding cards, operation narratives, and remediation guidance — in your template or ours.

Ready to add close access capability?

Tell us about your engagement and we'll scope the right tier for your client's compliance requirements.

Start a Partnership