Our Technology

At its core, NetSPI is a technology-enabled cybersecurity firm. The technology we build and continuously innovate allows us to provide best-in-class enterprise penetration testing and attack surface management.

Resolve™

CISOs, infosec managers, vulnerability managers, and more use Resolve, NetSPI’s vulnerability management and orchestration platform, to make their jobs easier and improve their organization’s security posture.

  • Simplify Vulnerability Management
    Resolve manages the lifecycle of vulnerabilities from discovery to remediation.
  • Pentest Efficiencies
    Resolve’s Workbench cuts the time to complete an engagement by 40 percent.
  • Security Automation
    Automation enables manual pentesters to focus on discovering the hard-to-find vulnerabilities.
  • Test Continuously or At-Scale
    Resolve is flexible and can scale up or down to meet the testing requirements of any organization. The platform also supports continuous testing. Increase the frequency of your security testing to stay on top of new releases and incremental changes.
  • Attack Surface Management
    Your attack surface is constantly evolving and your security should too. NetSPI builds strong testing programs to ensure you understand your attack surface and potential risks.

Scan Monster™

Scan Monster automates and orchestrates NetSPI’s scanning activities, giving us more time to do what we do best, manually test your applications.

  • NetSPI’s always-on testing monitors your attack surface and increases testing coverage
  • Access your Scan Monster results in real-time with Resolve™
  • The most effective compilation of commercial, open source and custom-built vulnerability scanners

Red Team Toolkit

Red Team Toolkit (RTT) is the most sophisticated offensive security platform and tooling suite used by NetSPI to optimize your red team operations and penetration tests. The toolkit enables NetSPI to perform advanced network operations, collaborate on target exploitation, and better simulate adversaries.

  • Slingshot Post-Exploitation Agent
    Slingshot empowers us to emulate sophisticated adversaries through stealthy injection techniques, memory obfuscation, malleable network profiles, and loads of defensive evasion capabilities.
  • OpSec Centric
    Red Team Toolkit features over 15 defensive countermeasures. Evasion techniques include leveraging syscalls for stealthy code injection, in-memory obfuscation of modules, as well as AMSI, ETW, and PowerShell logging bypasses.

Attack Simulation

Attack Simulation provides you with the tools you need to ensure the effectiveness of your defensive controls and measurably improve security maturity.

  • Customize and automate MITRE ATT&CK frameworks
  • Execute attack scenarios based on real-world attacker TTPs
  • Simulate a single technique as a play or execute a full attack chain using one of the pre-built playbooks
  • Gain remediation guidance for each attacker technique
  • Test, measure, and track the maturity of detective and preventive controls against specific attacker techniques