REDBOT SECURITY FAQs
Frequently Asked Questions
Yes, After your initial penetration test is performed, we deliver your 1st report that has proof of exploits and remediation steps to take to fix issues. Once your company remediates findings, Redbot Security will perform a retest to validate that your issues have been resolved. We then deliver a final report and client letter of attestation (if needed). All of our retesting is built-in to our pricing model.
Service scheduling is easy. The first step is to contact us via our contact form and let us know what type of project you have. Once we determine scope we provide a quick cost estimate. When the estimate is approved we issue a contract and begin scheduling of your project. We are rapid in our response, delivery of estimate and scheduling.
Redbot Security is a U.S. based Boutique Penetration Testing company that specializes in Network and Application Testing. The company employs a small group of highly talented and experienced Sr. Level Engineers.
Yes. Redbot Security provides Industrial testing of ICS/SCADA networks that operate water, electric, manufacturing, transportation and more.
No. Redbot Security can test from a remote perspective, however many times with critical system testing Redbot Security will recommend onsite testing.
Redbot Security’s principal security engineer is Andrew Bindner who is also Redbot Security’s CSO. Andrew was formerly a manager at Rapid7 and Coalfire Sr. Penetration Tester with 20+ years of hands-on security experience leading teams or working individually on highly technical engagements for a wide variety of commercial and government industries in IT and security.
Yes. Redbot Security is located in the heart of Downtown Denver at the Dominion Towers. Redbot Security’s Corporate office address is 600 17th Street, Denver, Colorado, USA.
Yes, Redbot Security is always on the lookout for top talent and pays the industry’s top pay. You can learn more about opportunities on Redbot Security’s career page.
Yes, Redbot Security will share a sample report with potential clients that sign a Mutual NDA and have a valid project.
No, Redbot Security does not provide Managed Threat Detection and Response, however the company provides Dark Web Monitoring and focuses on Penetration Testing only.
The company started as a VAR, partnering with Palo Alto, Fortinet and HPE in 2016 and transitioned to Pen-testing Company early 2019.
Yes, due to security concerns, Redbot Security’s Engineering Team is 100% U.S. based, background checked and certified Full-time Sr. Level employees. Redbot Security does not use independent contractors, freelancers or sub contractors.
Yes, the combined team list only certifications that are verifiable. The current team certifications are as follows:
Amazon Web Services Cloud Practitioner, CompTIA A+ CISSP, Certified Cloudera Administrator for Hadoop (CCAH), Certified Ethical Hacker (CEH), Cisco Certified Network Associate (CCNA), GIAC, CompTIA Linux+, Marine Corp Red Team Operator, Metasploit Professional, Certified Specialist, Nexpose, Certified Administrator (NCA,) Microsoft Certified Professional (MCP), CompTIA Network+, CompTIA IT, Operations Specialist (CIOS), CompTIA Secure Infrastructure Specialist (CSIS), Offensive Security Certified Professional (OSCP), GIAC Certified Penetration Tester (GPEN), Metasploit Professional, Certified Specialist Rapid7, Advanced Vulnerability Manager Rapid7, Network Assault Certified Rapid7, Application Assault Certified, GIAC Exploit Researcher, Advanced Penetration Tester (GXPN), GIAC Mobile Device Security Analyst (GMOB), GIAC Advanced Smartphone Forensics (GASF), GIAC Reverse Engineering Malware (GREM), GIAC Network Forensics Analyst (GNFA), GIAC Certified Intrusion Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), GIAC Security Essentials (GSEC), Portswigger Burpsuite Certified Practitioner, Cisco Certified Network Associate (CCNA), Cisco Certified Network Associate-wireless, Certified Ethical Hacker (CEH), CompTIA Network+US Navy, Joint Cyber Analyst Course (JCAC)
REDBOT SECURITY’S HYBRID APPROACH TO PENETRATION TESTING SOURCES INDUSTRY-LEADING FRAMEWORKS AND COMBINES SENIOR-LEVEL TALENT WITH OVER 20 YEARS OF EXPERIENCE TO TAILOR ALL CLIENT ENGAGEMENTS. SOME FRAMEWORKS AND TESTING GUIDES LEVERAGED BY REDBOT SECURITY INCLUDE:
- NIST SPECIAL PUBLICATION 800-115
- PCI PENETRATION TESTING GUIDE
- OPEN WEB APPLICATION SECURITY PROJECT
- OWASP WSTGV4
- OWASP TOP 10 LISTS
- OWASP SECURITY PROJECTS
- PENETRATION TESTING EXECUTION STANDARD (PTES)
- OPEN-SOURCE SECURITY TESTING METHODOLOGY MANUAL (OSSTMM)
- INFORMATION SYSTEMS SECURITY ASSESSMENT FRAMEWORK (ISSAF)
- MITRE ATT&CK FRAMEWORK
MCPT® or Manual Controlled Penetration Testing [manual penetration testing] is a controlled assessment of networks and applications that is able to safely identify and validate real world vulnerabilities that are potentially exploitable. Manual Penetration Testing removes false positives and provides proof of concept reporting along with a exploit storyboard for easier remediation.
Yes, Redbot Security provides both physical and electronic Social Engineering and will utilize real word tactics to simulate an attack on a company. Want to know more about social engineering? View Social Hacking article here.
Learn more about penetration testing services
Redbot Security is a boutique penetration testing house with a team of highly skilled U.S. Based Senior Level Engineers that specialize in providing ‘Penetration Testing Services’ for a wide range of industries. The Company delivers True Manual Penetration Testing.
To learn more about Penetration Testing Services you can visit our in-depth articles that discuss a wide range of penetration testing services, or visit our Frequently Asked Questions page to quickly find the penetration testing information you are seeking.
If you have specific questions related to a penetration testing project, please reach out to us!
Definition: Penetration Testing Services will simulate a hacking attack and is usually performed by qualified penetration testing companies. The simulated attack will test the security of networks, applications and devices. Many qualified Penetration testing engineers utilize the same tools and techniques that a malicious actor will use in the real world.  Once the Penetration Test is complete the business is able to access and remediate vulnerabilities that were found within their systems.
The Six Stages of Penetration Testing
- Discovery. The first phase of penetration testing is OSINT and Discovery.
- Testing. Testing phase is performed by qualified engineers that utilize both automated and manual exploitation testing techniques and tools
- Assessment. Determine Risk to organization
- Knowledge Sharing. Provide clear results with Remediation planning
- Remediation. Organization remediates findings that pose a risk.
- Retesting. Retesting of remediated vulnerabilities and final report delivery
Learn more about penetration testing services
Redbot Security is a boutique penetration testing house with a team of highly skilled U.S. Based Senior Level Engineers that specialize in providing ‘Penetration Testing Services’ for a wide range of industries. The Company delivers True Manual Penetration Testing.
To learn more about Penetration Testing Services you can visit our in-depth articles that discuss a wide range of penetration testing services, or visit our Frequently Asked Questions page to quickly find the penetration testing information you are seeking.
If you have specific questions related to a penetration testing project, please reach out to us!
Our Penetration Testing Specialties
IT Network
Remote HackingExternal-Internal
OT Network
On-Site TestingICS/SCADA
Application
Remote HackingWeb & Mobile
Wireless
On-Site TestingWireless Networks
IoT
Lab Testing | On-SiteIoT Device Testing
What You Need to Know About PCI Penetration Testing
A pen test, on the other hand, is a manual process. It actively seeks vulnerabilities in the system and exploits them as hackers would. Because it is a thorough process, it provides more comprehensive results. It is carried out less often than a vulnerability scan; usually once a year.
What is Penetration Testing & Its Different Types
Manual Penetration Testing is essential for critical infrastructure. Scanning for vulnerabilities within ICS/SCADA networks without improper supervision can cause many systems to be overwhelmed and go offline. The potential consequences of disrupting critical systems is great.
Redbot Security – Water Power and Transportation ICS SCADA
The basic necessities of life; water, power and transportation are threatened by lack of resources to protect the systems that provide our nation’s basic needs. Nation State Threat Actors are aggressively ramping up efforts to take our country down by targeting Industrial control systems and outdated SCADA systems.
Redbot Security – Network Security Tools: Penetration Testing
Redbot Security Network Security Tools - Penetration Testing. Is it time to attack yourself? Protecting your network and data 24/7 is a big challenge. Despite your best efforts and multi-layered security, it’s difficult to know whether you have addressed every potential vulnerability. Penetration testing with Redbot lets you find the weaknesses in your systems before a bad actor does. Redbot provides industry leading Penetration Testing for Web Service, Web Applications, External Network, Internal Network, Mobile, Wireless and
Redbot Social