Red teaming

Our mission is to compromise your systems and processes. For your own good.

Red teaming involves an independent team of investigators attempting to infiltrate the organisation's defence systems and carry out a pre-arranged action. This provides an alternative picture to traditional penetration testing because red teaming tests people, processes and technologies, giving the defending organisation (blue team) the opportunity to assess its own defensive capabilities.

Choose red teaming if you are affected by any of the following

DORA, NIS2, CER etc.

EU directives and regulations aim to ensure that the cybersecurity posture of critical infrastructures is robust on an equal level. This is a most welcome initiative, but it will still create a lot of extra work for actors in the supply chain. DORA applies to the financial sector and is in effect since 2024, while NIS2 targets all other critical infrastructure and will come into force in 2025. While the details of the requirements will be decided at member state level, it is already clear that more frequent and deeper testing will be mandatory, including red teaming exercises. Our team has a proven track record in the financial area, you can trust us to take care of the technological challenges of these EU regulations.

Larger attack surface

An attack surface refers to the sum of all possible entry points or vulnerabilities through which an attacker can enter or interact with a system. It encompasses all the areas where an unauthorized user could potentially exploit weaknesses. Each location, business unit, every connected device, website, application, all the databases, payment gateways, platforms, back-end systems, APIs, cloud infrastructure, developer tools, supply chain partners and vendors add to the attack surface. Enterprises often invest significant resources in cybersecurity measures to mitigate risks and protect their assets, but the constantly evolving threat landscape means that maintaining a secure posture requires ongoing vigilance and adaptation.

Real feedback on your defensive capabilities

Choose this service if you have already subjected your systems to traditional penetration testing. In our red teaming projects implemented so far, we have found that even systems that are regularly and thoroughly tested can still have vulnerabilities.

Technology + people + processes

Red teaming can be used to assess the cybersecurity state of an organisation in all its complexity. While traditional penetration testing focuses mainly on the technologies and their parameterization, red teaming also tests the surrounding organizational and personal dimensions. You can also test your technology-people-process with red teaming even if the processes and tasks are outsourced to an external service provider. In fact, it is more than worth it.

Personalised scope and tools

Our red teaming projects are tailored to the client's needs, organisation and processes. We offer the possibility to simulate different attackers (internal employee, supplier or partner, competitor, other external actors), to simulate different attack vectors (web applications, social engineering, wifi, VPN, etc.) and to implement different attack objectives (capture, obtain sensitive data, etc.).


Let us be your partner for technical issues

Our methodology

Precise assessment of the client's expectations

Reconnaissance, OSINT, scanning

Exploitation, exfiltration

Clean up

Report, presentation, education

What you get

Educational, transparent and detailed report to upgrade your security posture

Professional excellence, customer-oriented attitude

Follow-up, support, training and consulting as requested

Academic rigor and excellence in our job

All our results are delivered with business usability in mind