Key Features

S2's proprietary cloud native platform, purpose built to deliver industrialized security as-a-service

Cloud Security Posture Management (CSPM)

Automate the identification and remediation of risks across cloud infrastructures

Continuous Automated Red Team (CART)

Providing continuous real world attack scenarios with exploit chaining

External Attack Surface Management (EASM)

Continuously discover external-facing assets and systems with their vulnerabilities.


Enterprise post exploitation toolkit licensed for internal red teams

Security Data Lake

Expansive data lake to aggregate security logs and provide true insights

Adversary Detection

Expansive security data lake with continuous complex hunting and response

Continuous Automated Red Team (CART)

MAGE employs a micro-services based architecture enabling for rapid adoption of new curated and safe Red-Team-as-Code modules
  • Red-Team-as-Code Modules enabling rapid bug bounty style checks
  • Dynamic scaling to empower true industrialized data collection for Comprehensive Attack Surface Discovery
  • Automated Workflows to amplify S2 "PlumCell" expert penetration testers

Cloud Security Posture Management (CSPM)

The MAGE CSPM micro-service enables S2 to provide continuous cloud security as part of its PTaaS and RTaaS offerings
  • Continuous visibility of multi-cloud environments to identify cloud misconfiguration vulnerabilities
  • Automatically detect new external assets and provide the detection of security risks in cloud infrastructure accounts
  • Verify compliance against common standards or best practices such as CIS Foundations Benchmarks, SOC 2, PCI, NIST 800-53, or HIPAA

External Attack Surface Management (EASM)

Automatically discover external facing assets like Domains, Subdomains, IPs, public cloud service misconfigurations, leaded credentials, exposed databases, compromised accounts, etc.
  • Discover exposed infrastructure, domains and subdomains, and an inventory of your external attack surface
  • Active port scanning to identify exposed ports, associated applications, and their public (and closed source) vulnerabilities
  • Continuous reconnaissance to understand what information your adversary has to exploit you

Voodoo Red Team Tool-kit

Voodoo is a post exploitation platform for covert interactive cyber operations. Designed from the ground up to be stealthy, stable, and versatile.
  • Cross platform supports targets based on Intel x64 and both traditional ARM and ARM64 processors
  • Armory enables operators to leverage crowdsourced and S2 created “munitions”
  • Deep Pivoting with multiple agents chained together with dynamically created, fault tolerant routes

Red Team-as-a-Service

Your adversary isn't bound to a defined scope or timeline so why are your assessments?

Enterprise Security Data Lake

We can ingest and transform any machine data by various methods, whether that is polling your SaaS provider’s API for events or by deploying instrumentation to capture the data.
  • Highly cohesive, loosely coupled data lake
  • Broad collection capabilities to store all digital exhaust
  • Complex queries run continuously to turn exhaust into insights

Adversary Detection & Response

Robust security data lake with broad visibility using microservices to apply security analytics, Detections-as-Code, and threat intelligence to uncover attackers and vulnerabilities.
  • Cloud Native Platform w/ Automation
  • Relentless Hunting on all your security data not just filtered events
  • Detections-as-Code weaponizes our thousands of detections executing concurrent queries

Cloud Native Architecture

Leverage the power of the cloud and serverless environments to provide scale and flexibility
  • True Infrastructure-as-Code design enabling it to run as a SaaS platform or in your environment
  • Horizontal scaling through container management to provide unprecedented scale


Your adversary isn't bound by time and scope. Why do you limit your penetration tests?

Let S2 show you what's possible

  • Decades of experience securing Federal Enterprises and Fortune 50
  • Former NSA Operators skilled in the Adversary arts
  • Full scope Security-as-a-Service. Press the easy button.


  • Please select a service offering in which you are interested in learning more.
  • This field is for validation purposes and should be left unchanged.