Process
Engagement Process
Structured, transparent, and no surprises. Every phase is documented and communicated clearly from initial scoping to final remediation retest.
How It Works
Five Phases.
Zero Ambiguity.
Every engagement follows a consistent, documented methodology built on real-world offensive tradecraft — not a generic checklist approach.
01
Discovery & Scoping
We define targets, rules of engagement, timelines, emergency stop procedures, and measurable success criteria. Every engagement starts with a detailed, signed scope document reviewed by both parties.
02
Reconnaissance & Enumeration
Passive OSINT, active infrastructure mapping, and full attack surface enumeration. We build a complete picture of your environment and identify attack vectors before executing a single exploit.
03
Active Exploitation
Manual, tool-assisted attacks targeting identified vulnerabilities. Chained exploitation, lateral movement, privilege escalation, credential harvesting, and persistence testing — with careful production-safety discipline.
04
Reporting & Debrief
Comprehensive written report with executive summary and full technical findings. Followed by a scheduled live debrief session where we walk through every finding and answer all questions.
05
Remediation Support & Retest
We remain available through your remediation cycle to clarify findings, review proposed fixes, and advise on implementation. Retest engagements to validate remediation are available as a separate service at an additional fee.
Sample Scope Card
Sample Engagement Summary
Engagement TypeRed Team — Full Scope
Duration4 Weeks
External Perimeter✓ Included
Internal Network✓ Included
Active Directory✓ Included
Cloud (AWS/Azure)✓ Included
Social Engineering✓ Included
Physical SecurityOptional
Executive Report✓ Included
RetestAdditional Fee
NDA✓ Pre-engagement
RELATED RESOURCES