ThreatSpike Red:

The First Managed Service for Penetration Testing

Looking for high quality, human led penetration testing at an affordable price?


Look no further.


We, like you, are disappointed with what the penetration testing market has to offer and we want to disrupt it! ThreatSpike Red is the first managed service for penetration testing that provides unlimited testing for an affordable, fixed price. Starting from $1,500 per month, you can enjoy unlimited penetration testing conducted by our expert team of certified testers.


With ThreatSpike Red, you can pentest your applications, identify your vulnerabilities and carry out full-scale red team exercises all year round. Your IT team will appreciate the ease and efficiency, while your auditors and management team will love the results.

Find Your Weaknesses

Get visibility of weaknesses in your infrastructure, software, controls and processes that could allow a hacker in.

Assess Employee Risk

Understand the level of employee security awareness especially around social engineering techniques such as phishing.

Keep Auditors Happy

With our fixed price, unlimited service you can repeat tests throughout the year to ensure you remain secure and compliant.

Pentesting

Initial Stage

Network Security
WebApp Testing
Vulnerability Scanning
OWASP
PCI-DSS
Assessment Reports
Reconnaissance

Network scanning, version identification and content discovery for attack surface mapping

Security Assessment

Service specific checks, OWASP, application logic weaknesses

Vulnerability Scanning

Automated scanning and testing on exposed services and applications

Reporting

Assessment report followed by debrief meeting to discuss potential remediation strategies

Red Team Exercise

Targeted Attack

Modern TTPs
Custom Tooling
Social Engineering
Physical
Reconnassance

Passive via data leaks, social media, DNS scanning and active via network mapping and enumeration

Persistence

Maintain access to the environment to survive reboots or cleanup attempts

Initial Access

Social engineering, exploits, infostealers, remote access tools and physical entry

Lateral Movement

Compromise additional accounts, lateral movement, expand to more systems

Features

Complete Coverage

Red Team Exercises

Highly advanced adversarial simulation attempting to gain access to an organisation through cyber and physical intrusion

Infrastructure Testing

Penetration testing of specific systems and applications for known and non-disclosed configuration weaknesses, vulnerabilities

Web Application Testing

Penetration testing of web applications against OWASP using manual review and automated tooling to identify vulnerabilities

API Testing

Penetration testing of APIs to detect weaknesses that could disclose data or compromise integrity of systems and databases

Vulnerability Scanning

Periodic scanning of internal and Internet facing systems to detect vulnerabilities and configuration issues

Threat Simulations

Purposely staged disruption of the network to assess response procedures

Firewall Ruleset Review

Review of firewall rule sets to identify any anomalies, vulnerabilities or compliance issues

Segmentation Testing

Review to confirm that systems and environments are segregated from each other for security and compliance

Build Reviews

Review of operating system gold images to ensure they are hardened in accordance with best practices

Everything You Need. Fixed Price.

ThreatSpike Red provides unlimited offensive security testing at a fixed price based on the size of your organisation.

ThreatSpike Red

Unlimited penetration tests and red team exercises

Internal, external and web application testing

Engagements led by certified specialists

Detailed finding reports

Manual and automated testing

PCI-DSS and Cyber Essentials testing

Vulnerability scanning

Monthly account meeting

$1,500 Per Month
Up To 250 Employees
$2,500 Per Month
Up To 1000 Employees
$4,000 Per Month
Up To 2000 Employees
Please Contact For Larger Company Pricing

FAQ

If you have questions which are not featured here then please drop us an email at info@threatspike.com

Does this cover my penetration testing requirement?

Yes, this service provides unlimited penetration testing meaning you can use it to test all your infrastructure and applications. This allows you to identify your security weaknesses before a hacker does and supports you in achieving compliance with PCI-DSS, ISO 27001 and SOC 2.

What's a red team exercise?

A red team exercise is where we test your organisation as a whole, pretending to be a hacker and using any means we can to get in and cause damage. A big part of red team exercises is spear phishing where we carefully select and target your staff, coercing them via email, telephone or in-person, to click on simulated malware. This gives us access to a machine in the company. From there we see if we can move internally in the network and get access to sensitive data.

Who performs the testing?

Our talented offensive testing team delivers the service using a combination of automated tooling and manual analysis. Our team is comprised of computer science graduates who have been through our intense training academy and shadowed experienced testers on real-life engagements.

How does this compare with traditional pentesting?

Pentesting companies traditionally charge $2000+ per day forcing customers to de-scope and keep engagements short in order to avoid high costs. At the same time these companies keep their testers highly utilised which impedes learning and research. Pentesters also regularly run off-the-shelf vulnerability scanners which limits findings. By comparison we offer testing on a continuous basis which provides customers with maximum visibility. We use industry standard and in-house developed tools and encourage our staff to undertake regular training, carry out research and apply creativity to each engagement.