Full Scope Penetration Testing Services

Whether it is white, grey or blackbox testing we've got you covered


Expertise in penetration testing cloud providers (AWS, Azure, GCP, etc.)

Web and Mobile

Expert application testing (e.g. Web, Mobile, etc.) with code review capabilities


Using the power of our MAGE platform we can quickly move from reconnaissance to exploit

Internal and Phishing

Using our proprietary post exploit tool VooDoo we move laterally

IoT and OT

Experts skilled in IoT and OT testing to include hardware/chipsets


Advanced techniques and cloud native expertise to test your containerized environments

True Adversary Simulation

Our services encompass the art of discovering unique access vectors (AKA 0-days, exploits, vulnerabilities, etc…) and then applying OPSEC friendly offensive Tactics, Techniques & Procedures (TTPs) in the same manner that real-world adversaries would against targeted networks, information systems, and/or applications (e.g. Web, Mobile, etc.), in order to test our clients ability to maintain resilience under attacks from cyber threats (e.g. Hackers, Script Kiddies, Nation-States, etc.).  Our penetration testing assessments focus on finding the vulnerabilities in the targeted networks, information systems, cloud providers (AWS, Azure, GCP, etc.), and/or applications (e.g. Web, Mobile, etc.) as possible in the shortest amount of time. Due to this focus, these types of engagements frequently provide a high Return on Investment (ROI) by providing visibility into which vulnerabilities should be addressed in the near future.  These “live fire”-like assessments, enable savvy security teams to better test their detection and response capabilities against real-world cutting-edge cyber threats (e.g. nation-states).

Why S2? Simple... Expertise

Passionate and forward-thinking, our team bring decades of combined technical experience as top-tier researchers, penetration testers, and application security experts. Drawing from security experience in the NSA, US military, leading technology firms, defense contractors, and Fortune 50 companies, we pride ourselves on both depth and breadth of capabilities..

Penetration Testing Expertise


Our penetration testers are held to the highest standards.  Our team holds industry certifications as well as continual education and training:

  • OSCP


We follow the best practices outlined in the following standards whenever possible:

  • NIST SP 800-115: Technical Guide to Information Security Testing and Assessment
  • Penetration Testing Execution Standard (PTES)
  • OWASP Testing Guide for Web Application Testing

Continuous Automated Red Teaming

Stealthily moving through the targeted environment to discover hidden security issues throughout an organization’s entire ecosystem of information systems. These “live fire” assessments enable savvy security teams to better test their detection and response capabilities against real-world cutting-edge cyber threats.

Comprehensive Services to Simulate the Adversary

Penetration Testing Services

  • Web Application Penetration Testing
  • Mobile Application Penetration Testing
  • Secure Code Review Services
  • Cryptography Security Review
  • Internet of Things (IoT) & Hardware
  • Industrial Control System (ICS)
  • Network & Wireless Pentesting

Offensive Cybersecurity Services

  • Red Teaming Engagements
  • Phishing Assessments
  • Cloud Penetration Testing
  • AWS Penetration Testing
  • Azure Penetration Testing
  • GCP Penetration Testing
  • Purple Team Engagement & Training

Red Team-as-a-Service

We make every threat an opportunity for improvement. Relentlessly Secure.

What Clients Are Saying

S2 is a collective of outstanding staff of talented researchers; the level of expertise that exists at S2 far surpasses any other company. My time is limited, and S2 provided an actionable set of findings I could use to move forward. 

Matt Hillary
Weave CISO

As a security leader, I know that the risk of being breached exists regardless of having a well-stacked security program.  S2s red teaming and phishing exercise were incredible. Many security-based internal organizations who do phishing exercises end up not being as crafty, as efficient, or as effective. 

Matt Hillary
Weave CISO

“As an organization, we deal with a lot of Personal Identifiable Information which comes with a lot of security responsibility and requirements both Federal and State & Local. With S2’s PTaaS findings, I could sleep a little better at night, knowing we had been proactive about our security. S2 continuously validates that our cloud security architecture is sound.” 

Michael Smith
Managed Care Advisors CISO

Before working with S2, we felt like we paid for pentest and got vulnerability reports from three other companies that told us what we already knew. However, after two weeks of working with S2, it was evident they wanted to provide us with findings that reduced our IMMINENT RISKS. They started penetrating and moving around in places that would not have shown up in previous engagements—even asking us if it was ok to continue to expand a little deeper.  S2’s communication with our team and findings exceeded our expectations.

Josh Pugmire
Podium CISO 

Posts from our Experts

Make Every Threat an Opportunity for Improvement

Let S2 show you what's possible.

  • Decades of experience securing Federal Enterprises and Fortune 50
  • Former NSA Operators skilled in the Adversary arts
  • Full scope Security-as-a-Service. Start Today.


  • Please select a service offering in which you are interested in learning more.
  • This field is for validation purposes and should be left unchanged.