Walk-in tests

We perform walk-in tests to gain insight into the physical information security of your company

Home » En » Walk In Tests


Does the protection of your confidential information withstand our physical walk-in test?

We are all busy enough and therefore not always able to delve into the physical modus operandi of malicious parties. Yet we see in the news that things often go wrong.

Think of it as a missed opportunity if you are not optimally prepared for a malicious attack.
Imagine the worst-case scenario. You will be surprised how easy it is to influence business processes or to obtain personal or company-sensitive information. With all its consequences!

A walk-in test shows whether your organization has sufficient physical security measures in place to stop malicious parties.
Without noticing it, third parties can often easily gain access to your sensitive data or processes. In 85% (!) of the cases, we succeed in exposing the gaps in the security of information with a simulated attack. And if we can do this…
A physical walk-in test can be combined well with cyber PEN testing and red team audits.
Read more below for who these tests are intended for and what they will bring you.


About Cocoon

Cocoon risk management has been providing practical solutions in the field of Safety, Security and Design since 2000. Our services include making an inventory of your risks and providing professionally substantiated, customized advice.


We are a Dutch, independent consultancy firm.


Efficient, effective and customer-oriented solutions for every security issue.


Cocoon is known as one of the forerunners in the market.

Personalized approach

A personal approach in combination with a project-based approach ensures customization.

Rob van Dijk RSE RCE ATO
0031 (0) 79233150 | info@cocoon.nl

What is a walk-in test?

Walk-in tests are intended for organizations that deal with sensitive information but still have a relatively open character when it comes to access security of buildings and departments. Think, for example, of research agencies, municipalities, health care and other NGOs.

Such organizations are relatively easy prey for malicious parties. The protection of information is largely in the hands of employees who should ideally have a high level of commitment and security awareness.

The purpose of a walk-in test is to realistically simulate a physical attack. Once our auditors are inside your building, they will continue to look for vulnerabilities. In this way, our trained intruders can make security vulnerabilities visible within your organization and help to raise security awareness to the necessary level.

Together with the customer, we draw up a plan of action and determine which cyber PEN tests may be added to the attack. Our security experts then investigate how your physical information and information systems can be accessed from the inside.

After the walk-in test, we will draw up a clear advice report. This way you can evaluate internally with stakeholders and top management and fix the vulnerabilities. The results are usually regarded as urgent by top management and in most cases effective measures are taken within six months.

Our results


of the companies we can get in

complex audits in 2021


of the companies takes immediate action

Deliverables of our walk-in test

The walk-in tests carried out by Cocoon risk management are independently and extremely professionally. The results of an assignment are intended to reveal gaps in physical security and to make employees aware of the risk that they or their employer pose. Practice also shows that walk-in tests create permanent alertness among your employees and that they even perform their security tasks more proactively.

Have we piqued your interest? Then contact us directly!


Possible legal basis for a walk-in test

Certain controls from ISO/IEC 27002 must be met for each basic security level. We as Cocoon risk management then test for you whether the requirements of the intended security level are actually present in your company. Our security consultants can also help you draw up a Threat and Risk Assessment (TRA) or implement policies.