Yes,  After your initial penetration test is performed, we deliver your 1st report that has proof of exploits and remediation steps to take to fix issues.  Once your company remediates findings, Redbot Security will perform a retest to validate that your issues have been resolved.  We then deliver a final report and client letter of attestation (if needed).  All of our retesting is built-in to our pricing model.

Service scheduling is easy.  The first step is to contact us via our contact form and let us know what type of project you have.  Once we determine scope we provide a quick cost estimate.  When the estimate is approved we issue a contract and begin scheduling of your project.  We are rapid in our response, delivery of estimate and scheduling.

Redbot Security is a U.S. based Boutique Penetration Testing company that specializes in Network and Application Testing.  The company employs a small group of highly talented and experienced Sr. Level Engineers.

Yes.  Redbot Security provides Industrial testing of ICS/SCADA networks that operate water, electric, manufacturing, transportation and more.

No. Redbot Security can test from a remote perspective, however many times with critical system testing Redbot Security will recommend onsite testing.

Redbot Security’s principal security engineer is Andrew Bindner who is also Redbot Security’s CSO.  Andrew  was formerly a manager at Rapid7 and Coalfire Sr. Penetration Tester with 20+ years of hands-on security experience leading teams or working individually on highly technical engagements for a wide variety of commercial and government industries in IT and security.

Yes. Redbot Security is located in the heart of Downtown Denver at the Dominion Towers.  Redbot Security’s Corporate office address is 600 17^th Street, Denver, Colorado, USA.

Yes, Redbot Security is always on the lookout for top talent and pays the industry’s top pay.  You can learn more about opportunities on Redbot Security’s career page.

Yes, Redbot Security will share a sample report with potential clients that sign a Mutual NDA and have a valid project.

No, Redbot Security does not provide Managed Threat Detection and Response, however the company provides Dark Web Monitoring and focuses on Penetration Testing only.

The company started as a VAR, partnering with Palo Alto, Fortinet and HPE in 2016 and transitioned to Pen-testing Company early 2019.

Yes, the combined team list only certifications that are verifiable.  The current team certifications are as follows:

Amazon Web Services Cloud Practitioner, CompTIA A+ CISSP, Certified Cloudera Administrator for Hadoop (CCAH), Certified Ethical Hacker (CEH), Cisco Certified Network Associate (CCNA), GIAC, CompTIA Linux+, Marine Corp Red Team Operator, Metasploit Professional, Certified Specialist, Nexpose, Certified Administrator (NCA,) Microsoft Certified Professional (MCP), CompTIA Network+, CompTIA IT, Operations Specialist (CIOS), CompTIA Secure Infrastructure Specialist (CSIS), Offensive Security Certified Professional (OSCP), GIAC Certified Penetration Tester (GPEN), Metasploit Professional, Certified Specialist Rapid7, Advanced Vulnerability Manager Rapid7, Network Assault Certified Rapid7, Application Assault Certified, GIAC Exploit Researcher, Advanced Penetration Tester (GXPN), GIAC Mobile Device Security Analyst (GMOB), GIAC Advanced Smartphone Forensics (GASF), GIAC Reverse Engineering Malware (GREM), GIAC Network Forensics Analyst (GNFA), GIAC Certified Intrusion Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), GIAC Security Essentials (GSEC), Portswigger Burpsuite Certified Practitioner, Cisco Certified Network Associate (CCNA), Cisco Certified Network Associate-wireless, Certified Ethical Hacker (CEH), CompTIA Network+US Navy, Joint Cyber Analyst Course (JCAC)

REDBOT SECURITY’S HYBRID APPROACH TO PENETRATION TESTING SOURCES INDUSTRY-LEADING FRAMEWORKS AND COMBINES SENIOR-LEVEL TALENT WITH OVER 20 YEARS OF EXPERIENCE TO TAILOR ALL CLIENT ENGAGEMENTS. SOME FRAMEWORKS AND TESTING GUIDES LEVERAGED BY REDBOT SECURITY INCLUDE:

• NIST SPECIAL PUBLICATION 800-115
• PCI PENETRATION TESTING GUIDE
• OPEN WEB APPLICATION SECURITY PROJECT
• OWASP WSTGV4
• OWASP TOP 10 LISTS
• OWASP SECURITY PROJECTS
• PENETRATION TESTING EXECUTION STANDARD (PTES)
• OPEN-SOURCE SECURITY TESTING METHODOLOGY MANUAL (OSSTMM)
• INFORMATION SYSTEMS SECURITY ASSESSMENT FRAMEWORK (ISSAF)
• MITRE ATT&CK FRAMEWORK