Physical security devices (IP cameras, DVRs and access control devices are often attached to the same networks we’re trying to defend. Are they vulnerable themselves? Is the evidence obtained and stored defensible in court? In evaluating these devices for some of our clients, I noticed that simple things, like network security and forensically sound collection and storage were afterthoughts at best. Many of these devices can be compromised, allowing an attacker to permanently disable the device, destroy evidence or use the device to attack other hosts on the network. I plan to show vulnerabilities on a few devices we’ve evaluated, how to mitigate the risks and a few lessons to manufacturers on how to generate admissible evidence.