Security Testing
Wireless security testing that finds the weak encryption, rogue access points and segregation gaps an attacker in your car park is looking for.
An attacker does not need to breach your firewall if they can join your network from the car park. Our WiFi penetration testing (Wi-Fi security assessment) shows whether your wireless estate is a hardened extension of your network — or an open side door into it.
Our CREST-accredited consultants assess your access points, encryption protocols, authentication mechanisms and network configuration against the attacks used in the real world: cracking weak or shared credentials, exploiting misconfigured WPA2 and WPA3 deployments, standing up rogue access points and evil-twin networks to capture user credentials, and hunting for unauthorised access points staff may have connected themselves. Captive portals and pre-shared key management are reviewed too, because weak processes routinely undo strong encryption.
Just as important as getting on the network is what an attacker can reach once connected. We test the segregation between corporate, guest and IoT wireless networks and the wired estate behind them — because a guest network that can see your servers is not a guest network. Where agreed, testing continues past the initial foothold to demonstrate the real-world impact of a wireless compromise.
The engagement runs through Sentry like all our testing: a tailored scoping questionnaire and call, findings uploaded in real time, immediate alerts for critical and high-severity issues and direct messaging with your consultant. Reporting includes a board-ready executive summary and detailed technical findings with evidence, CVSS scores and practical remediation guidance, followed by a debrief.
Wireless testing is typically delivered on-site at your premises, scoped around your locations and estate size, and combines naturally with internal infrastructure testing in a single engagement. Multi-site organisations can sample representative locations or rotate testing across sites year by year. Results support PCI DSS, ISO 27001 and Cyber Essentials Plus evidence, and findings remain in Sentry for remediation tracking and comparison with future assessments.
Credential cracking, rogue access points, evil twins and misconfiguration abuse — the techniques attackers actually use.
We verify that guest, corporate and IoT networks are genuinely isolated from each other and from your wired estate.
Unauthorised or forgotten access points are identified before an attacker finds them.
Issues appear as they are discovered, with immediate alerts for critical and high-severity findings.
Reports support PCI DSS, ISO 27001 and Cyber Essentials Plus requirements for wireless security.
Complete a short questionnaire tailored to the test type, then join a scoping call with a consultant. You receive a clear proposal and Statement of Work, and your project is created in Sentry. Typically one to two weeks.
Your consultant is assigned and logistics are arranged: IP whitelisting, credentials, access and rules of engagement. The testing window is scheduled around your business. Typically one week.
Expert-led manual testing begins. Findings appear in Sentry in real time as they are discovered, you are alerted immediately to critical and high-severity issues, and you can message your consultant throughout. From two days for a small web application to fifteen or more for enterprise estates.
After quality assurance you receive a board-ready executive summary and detailed technical findings with evidence, CVSS scores and remediation guidance, followed by a debrief session. Findings remain in Sentry for remediation tracking and comparison with future tests.
Straight answers to what prospective clients ask us most.
Usually, yes — wireless attacks are constrained by radio range, so testing from where an attacker would sit gives the truest picture. Multi-site estates can be sampled sensibly, and we agree the approach during scoping.
It can be. Guest networks are only safe if they are properly segregated from your corporate systems — a common failure we find is guest traffic that can reach internal servers or management interfaces. Testing verifies the isolation actually holds.
WPA3 raises the bar but does not remove the risk. Misconfiguration, transition modes, weak authentication back-ends and rogue access points all remain exploitable, and only testing shows how your specific deployment stands up.
Yes. Wireless testing pairs naturally with internal infrastructure testing — together they show both how an attacker gets onto your network and how far they could go afterwards — and can be scoped into a single engagement with one report.
Get a fixed-scope quote, usually the same working day.