RedTeam Security 214 4st Street E

Suite #140 St. Paul, MN 55101

Contact info@redteamsecure.com www.redteamsecure.com

612-234-7848

RedTeam Security Services

Offensive Security Refined™

Refined.™™™™

Company Headquarters RedTeam Security Corporation 214 4th Street E., #140, St. Paul, MN 55101 P: 612-234-7848 E: info@redteamsecure.com

Last Update May 10, 2016 Version 1.13

612-234-7848 | www.redteamsecure.com | info@redteamsecure.com

RedTeam Security | Web Application Penetration Testing Datasheet

Company Datasheet

KEY BENEFITS

ü Discover and validate vulnerabilities before they are exploited by attackers

ü Company reputation and brand protection

ü Assess your security posture ü Meet compliance

requirements (PCI, HIPAA, FISMA)

ü Business continuity efforts

SERVICE OFFERINGS

v Application Penetration Test

v Network Penetration Test

v Physical Penetration Test

v Red Teaming

v Social Engineering

v Hunt Teaming

v War Gaming

THE EXPERTISE AND INTEGRITY OF OUR INFORMATION SECURITY CONSULTANTS ARE TRUSTED BY TODAY’S LEADING ORGANIZATIONS

OFFENSIVE SECURITY. REFINED.™ Since 2008, RedTeam Security has been a minority-owned cybersecurity consulting firm headquartered in St. Paul/Minneapolis, MN. Unlike many firms, we specialize in five (5) advanced offensive security areas: Penetration Testing, Social Engineering, Red Teaming, Hunt Teaming and War Gaming. Our consultants are certified, experienced professionals and our services are high-touch and fully comprehensive.

SECURITY IS OUR ONLY BUSINESS Many consulting firms offer information security services as a supplement to their business. RedTeam Security only focuses on providing deep-dive, highly advanced offensive security services that aim to provide maximum protection for businesses and the nation’s most sensitive information. We are not a reseller or VAR of any kind. We are an ethical hacking services firm in the purest sense. CERTIFIED AND EXPERIENCED CONSULTANTS RedTeam Security consultants constantly work toward and achieve industry certifications relevant to the work they perform (OSCP, GWAPT, GPEN, CEH, CISSP, etc.) What’s more, our consultants are committed to being leaders through the publication of security research, authoring security books, being adjunct professors and speaking at security conferences domestic and abroad.

HIGH-TOUCH, BOUTIQUE & TRUE PARTNERSHIP High-touch to us means being a constant and reliable resource well before and well after the final report is delivered. Whether its daily project updates from our secure client portal, having a direct line of communication to our consultants or seeking remediation assistance weeks after report delivery. That’s right, our clients have access to a private remediation portal and ticketing system well after report delivery as a way to engage us for remediation assistance. All at no cost. What’s more, we also provide remediation re-testing at no additional charge, even if it takes more than a few re-tests and several months to fully remediate. Ultimately our goal is not only to find vulnerabilities, but most importantly, to fix them. All this from a firm who pours all of its time and resources into advancing its niche services for the protection and benefit of its prized clientele.

“When it comes to security, the best defense is offense; you need to test the effectiveness of your own security practices before a real intruder does it for you.” — H.D. Moore

612-234-7848 | www.redteamsecure.com | info@redteamsecure.com

RedTeam Security | Web Application Penetration Testing Datasheet

READY TO GET STARTED? Contact us at (612) 234-7848 to learn how RedTeam Security can help you accomplish business and IT goals. Or visit us at: www.redteamsecure.com

ABOUT REDTEAM SECURITY RedTeam Security is an SBA Certified SDB (minority-owned) security consulting firm specializing in Penetration Testing, Social Engineering, Red Teaming, Hunt Teaming and War Gaming. Our team is made up of adjunct professors, published authors, patent holders, open source developers, researchers and conference presenters. Certs include: OSCP, GWAPT, GPEN, CISSP, CEH, CHFI, CCISO, CASS, CEPT and more…

Company Datasheet PENETRATION TESTING The primary objective for a Penetration Test is to identify exploitable vulnerabilities in applications, networks, systems and facilities before hackers are able to discover and exploit them. RedTeam’s advanced deep-dive Penetration Testing service will reveal real-world opportunities for hackers to be able to compromise networks, apps and physical security controls in such a way that allows for unauthorized access to sensitive data or even take-over systems. RedTeam offers four core Penetration Testing areas: Web Application Penetration Testing, Network Penetration Testing, Mobile Application Penetration Testing and Physical Penetration Testing.

SOCIAL ENGINEERING Social Engineering is a technique that relies on weaknesses in human nature, rather than hardware, software, or network vulnerabilities. RedTeam Security offers four core Social Engineering areas to test human susceptibility to persuasion and manipulation: Email Phishing, Phone/SMS, Fax, Onsite Pretexting (Covert/Overt). RedTeam is highly skilled at conducting Social Engineering tests and has publicly released tools and published a book to improve the process. We frequently conduct these assessments for clients and have a very high success rate of compromise as well as eliciting sensitive or confidential information.

RED TEAMING Red Teaming is a goal-based adversarial multi-blended testing process. It simulates a multi-layered attack on your organization to measure how well your people, processes, facilities and technologies can withstand a real-life attack situation. We seek to compromise your organization’s most valued assets with a combination of (but not limited to) Application Pen Testing, Mobile App Pen Testing, Network Pen Testing, Physical Pen Testing, Email Phishing, Phone Phishing, Onsite Pretexting and client-side attacks.

Red Teaming is where we get our name and it is our flagship. Our holistic approach closely embodies the thought process of today’s adversaries. Just as sophisticated attackers would, we explore all aspects of your security posture, including network infrastructure, application security, business processes, physical (building) security controls and human behavior.

HUNT TEAMING Statistics indicate an overwhelming majority of organizations will be breached at some point and the average time to discover a breach is roughly 220 days. While IDS/IPS and SIEMs provide great benefit, they lack human-level intelligence and aren’t entirely effective in breach detection. Hunt Teaming aims to proactively close the gap through manual deep-dive hunting for indicators of compromise within an environment.

WAR GAMING Even some of the best performing Security Operation Centers suffer from ill-trained staff, poorly tuned IDS/IPS and inadequate escalation processes. War Gaming is a goal-based testing service designed specifically to assess the security efficiency of NOC/SOC incident responders by carrying out realistic distributed network attacks against client infrastructure.

612-234-7848 | www.redteamsecure.com | info@redteamsecure.com

RedTeam Security | Web Application Penetration Testing Datasheet

MicroEdge, Inc.

My experience with RedTeam Security is that they are very comprehensive, very flexible with our different product, environment and scheduling needs, and very quick to respond with any questions we have. The information they provide is very clear and provides the right level of guidance for us to take steps to mitigate vulnerabilities in our hosted applications.

- L.H. - MicroEdge

“…the information they provide is the right level of guidance for us to take steps to mitigate vulnerabilities…”

Proven results.

MicroEdge engaged RedTeam Security in an effort to address the identification, classification and remediation of security vulnerabilities in their enterprise-hosted applications. Among their main drivers was due to stringent client requirements and a commitment to demonstrating due diligence to their customers.

RedTeam Security consultants were tasked with developing a customized security assessment and remediation plan designed to address their client requirements as well as align with their own needs. Firmly grounded on an agile and dynamic business model, RedTeam’s experienced consultants were able to reduce risk and exceed client expectations, improve their security posture

Marked Vulnerability Reduction

Case Study

RedTeam Security | 612-234-7848 | www.redteamsecure.com | info@redteamsecure.com