Cloud-Based Appliance

Analysts deploy our secure,
cloud-based portal

Initial External Test

Full penetration test conducted during the onboarding process to provide recommendations for improvement and/or remediation.

Continuous External

Continuous testing conducted via human analyst activities, bots and API’s. Testing evolves in response to changes in your environment and global trends.

Penetration Testing

Holistic penetration testing includes vulnerability scans XXX, YYY, and ZZZ.

Private Portal

Securely access your own portal to view the risks noted, run simulations and interact with bots and analysts.

On-Demand Reports

Comprehensive penetration test reports are available on-demand. RedSpy365 also features a one-click download of a full penetration test report that is updated continuously.

Access Support

Analyst support within
8 hours of request.

Key Features

A hybrid method of penetration testing includes automated bots to uncover security gaps and human analysts who can interpret vulnerabilities and analyze exploitations.

Early risk and impact identification is the key to remediation before being exploited by hackers.

A Managed Service – customers can receive alerts on all events or only on specific events.

Uses best-of-breed industry software, increasing the likelihood of uncovering risks, and reducing false positives, enabling the most effective reporting.

Trained experts who interpret identified risks to evaluate potential impact, with recommendations for mitigation.

Reporting on demand – a continuously updated penetration test report that can be printed off for any time for any compliance questions. Likely attack path algorithms to identify where attackers may probe weak areas of security.

RedSpy365 takes on the burden of staffing, providing top security engineers who possess the highest security certifications and average 13+ years of industry experience.

Phishing attacks that can be tailored with specific goals of determining if whether organization would be exposed if someone clicked on a hacker’s link.

Combines all forms of penetration testing – web application, external, internal and social engineering for complete coverage.

How It Works

RedSpy365 starts by performing an initial, external penetration test against an organization. The results are returned to the organization with specific recommendations for remediation, either by your IT security team or RedSpy365 engineers.

Conclusions from the initial test are fed back to the RedSpy365 security team who can assist with remediation. Findings are also sent to our 24-hour Network Operation Center (NOC) where a botnet, attack pods, and advanced client-side attacks are created specifically for your organization. This establishes the foundation upon which the Continuous Penetration Testing tools begin to automatically scan IP addresses and receive input from various devices every day. The portal’s tools identify changes in web application security postures as well as new ports, IP addresses, and threat vectors – in real-time. It is also the aggregate point for emails that simulate advanced phishing and spear phishing campaigns.

The RedSpy365 process is outlined below and leads to alerts and notifications sent to the RedSpy365 Security Team for pre-determined and agreed-upon action steps. These escalations from automated bots to the RedSpy365 certified penetration testers—some of the industry’s leading experts—form the basis for uncovering threats before they can be exploited, preventing your organization from being compromised.

Stages in Continuous Penetration Testing

How it works