Key Features

S2's proprietary cloud native platform, purpose built to deliver industrialized security as-a-service

Cloud Native Architecture

Utilizing containers and serverless technologies to scale

Adversary Simulation

Providing continuous reconnaissance and attack surface discovery and testing

Adversary Detection

Expansive security data lake with continuous complex hunting and response


Enterprise post exploitation toolkit licensed for internal red teams

Security Data Lake

Expansive data lake to aggregate security logs and provide true insights


We enroll new technologies rapidly to outpace the adversary

Continuous Automated Red Team

MAGE employs a micro-services based architecture enabling for rapid adoption of new curated and safe Red-Team-as-Code modules
  • Red-Team-as-Code Modules enabling rapid bug bounty style checks
  • Dynamic scaling to empower true industrialized data collection for Comprehensive Attack Surface Discovery
  • Automated Workflows to amplify S2 "PlumCell" expert penetration testers

Adversary Detection & Response

Robust security data lake with broad visibility using microservices to apply security analytics Detections-as-Code, and threat intelligence to uncover attackers and vulnerabilities.
  • Cloud Native Platform w/ Automation
  • Relentless Hunting on all your security data not just filtered events
  • Detections-as-Code weaponizes our thousands of detections executing concurrent queries

Security Data Lake

We can ingest and transform any machine data by various methods, whether that is polling your SaaS provider’s API for events or by deploying instrumentation to capture the data.
  • Highly cohesive loosely coupled data lake
  • Broad collection capabilities to store all digital exhaust
  • Complex queries run continuously to turn exhaust into insights

Red Team-as-a-Service

Your adversary isn't bound by time and scope. Why do you continually penetration test that way?

Voodoo Post Exploitation Tool-kit

Voodoo is a post exploitation platform for covert interactive cyber operations. Designed from the ground up to be stealthy, stable, and versatile.
  • Cross platform supports targets based on Intel x64 and both traditional ARM and ARM64 processors
  • Armory enables operators to leverage crowdsourced and S2 created “munitions”
  • Deep Pivoting with multiple agents chained together with dynamically created, fault tolerant routes

Cloud Native Architecture

Leverage the power of the cloud and serverless environments to provide scale and flexibility
  • True Infrastructure-as-Code design enabling it to run SaaS or in your environment
  • Horizontal scaling through container management to provide unprecedented scale


Your adversary isn't bound by time and scope. Why do you continually penetration test that way?

Let S2 show you what's possible

  • Decades of experience securing Federal Enterprises and Fortune 50
  • Former NSA Operators skilled in the Adversary arts
  • Full scope Security-as-a-Service. Press the easy button.


  • Please select a service offering in which you are interested in learning more.