From Offensive Minds
WHAT WE DO
We are an information security company focusing on real world threats.
Red Siege is an information security consulting company that concentrates on the latest threats to organizations today. We perform in-depth analysis, determine organization/business risk, and find the vulnerabilities before the bad guys do. Our team includes internationally renowned experts who have been featured in international news outlets and conferences, including The Wall Street Journal, The Washington Post, a News Channel Asia Documentary.
Assumed Breach Assessment
Even a seemingly insignificant compromise can have big consequences, and our goal is to demonstrate this risk. We determine your risk when the egg shell is cracked. We start as a low privilege user and attempt to move through the network in an attempt to access the data the matters to you. This assessment simulates that of a compromised internal host/user or a rogue trusted insider.
Red Team Adversary Simulation
A goal-based assessment where we attack just like a real world adversary. This includes external attacks and targeted phishing to demonstrate the real risk to your data.
Penetration Testing & Vulnerability Assessments
This includes vulnerability scans of the in-scope systems where we manually verify issues and exploit any issues found. We report on the issues that actually pose and actual risk to your organization.
Web Application Penetration Testing
Our team will perform an in-depth analysis of your web application to find vulnerabilities related to programming errors, misconfiguration, and application architectural issues. We will perform automated and manual runtime analysis of your application. We create custom test cases to fuzz your application and find the faults before the bad guys do.
Purple Team Engagements
This engagement is designed to test and train the Blue Team. We can work with or without an in-house Red Team. We’ll work with your defenders to document and measure in detection and response capabilities.
Mobile Application Assessment
We look at your mobile application and the associated infrastructure to find configuration weaknesses, server-side issues, insecure authentication and access control, and other issues related to the latest attacks on mobile applications.
Advanced Product, Hardware & RF Testing
This is a highly customized assessment designed for you and your hardware. Depending on the product we will analyze custom RF protocols, reverse engineer OS and firmware, and analyze and fuzz network protocols. We have tested a range of products from toys to security products.
What I like best about the report is the level of detail. I like that you provide the commands used to arise at a finding. It allows me to retest easily. I also like that in most cases, you illustrate how to resolve the finding. This means I can easily assign tickets with specific instructions on how to address a problem and then retest to ensure it was done properly. We have a small IT staff. We are jack of all trades and masters of none, so this level of detail and instruction is very beneficial for us.