RedSpy365® Process

What We Do

RedSpy365® continuously analyzes an organization’s risk surface from a hacker's perspective. By recognizing likely attack paths, RedSpy365® can identify security flaws and map those issues to business risks that can impact your organization.

We developed RedSpy365® to provide actionable intelligence about organizational & technological risks, using the same tactics, tools, techniques, and processes as the bad guys.

How We Do It

Bots Like the Attackers Use

Our bot technology conducts exploits and automatically attempts to establish live connections to target hosts – commonly
called “enumeration.”

Triggers that Automate Attacks

Embedded coding within the portal automates “attacks” against identified risks.

Automated Alerts

Successful footholds trigger alerts to our
analysts of a potential breach.

Analysts Who Enumerate

From automated process to analysts who explore, everything flows through the RedSpy365® portal to establish paths to technology assets inside
your business.

Exploits that move East & West

Post-exploit, analysts expand to leverage credentials and system access across the enterprise.

Reports & Live Dashboards

Clients can access live results and reports through the same portal our analysts use to deploy and monitor attacks.

Proven Results

Details By Version

RedSpy365® offers three continuous penetration testing packages - Core, Core+, and Enterprise.

RedSpy365® Core+ includes a more integrated web application penetration test along with complex automated attacks using web ‘Drive-by’ techniques and malware imitation.


Contact us for pricing

  • Cloud-Based Appliance
  • Initial External Test
  • Continuous External Penetration Testing
  • Private Portal
  • On-demand Penetration Testing Reports
  • Custom Phishing Campaign with Training
  • Access to Analysts with an 8-hour Service Level Agreement



Contact us for pricing

All the features of Core plus –

  • On-Site Appliance
  • Web Application Testing
  • Continuous Internal Penetration Testing
  • Two-Day, On-Site Security Awareness Training
  • Access to Analysts with a 4-hour Service Level Agreement



Contact us for pricing

All the features of Core and Core+ plus –

  • Security Team Integration
  • Web Code Review (Checkmarx)
  • Customizable Service Level Agreement
  • Integration of RedSpy365® into remediation workflow