RedSpy365 Process

What we do

RedSpy365 continuously analyzes an organization’s risk surface from a hackers perspective. By recognizing likely attack paths, RedSpy can identify security flaws and map those issues to business risks that can impact your organization.

We developed RedSpy to provide actionable intelligence about organizational & technological risks, using the same tactics, tools, techniques and processes as the bad guys.

How we do it

Bots like the attackers use

Our bot technology conducts exploits and automatically attempts to establish live connections to target hosts – commonly called “enumeration.”

Triggers that automate attacks

Embedded coding within the portal automates “attacks” against identified risks.

Automated Alerts

Successful footholds trigger alerts to our analysts of a potential breach

Analysts who enumerate

From automated process to analysts who explore, everything flows through the RedSpy365 portal to establish paths to technology assets inside your business

Exploits that move East & West

Post-exploit, analysts expand to leverage credentials and system access across the enterprise

Reports & Live Dashboards

Clients can access live results and reports through the same portal our analysts use to deploy and monitor attacks

Proven results

Details by version

RedSpy365 offers three continuous penetration testing packages - Core, Core+, and Enterprise.

RedSpy Core+ includes a more integrated web application penetration test along with complex automated attacks using web ‘DriveBy’ techniques and malware imitation.



  • Cloud-Based Appliance
  • Initial External Test
  • Continuous External Penetration Testing
  • Private Portal
  • Penetration Testing Reports On-Demand
  • 365 Phishing Campaign with Training
  • Access to Analysts with an 8 hour SLA




All the features of Core plus –

  • RedSpy Core+
  • OnSite Appliance
  • Web Application Testing
  • Continuous Internal Penetration Testing
  • 2 Days On-Site Security Awareness Training
  • Access to Analysts with a 4 hour SLA



Contact us for pricing

All the features of Core and Core+ plus –

  • Security Team Integration
  • Web Code Review (Checkmarx)
  • Customizable SLA
  • Work to Integrate RedSpy into remediation workflow