Embedded Files
Free for The First 3 Businesses: 3/3 Spots Remaining
Includes assessment of your primary domain + up to 10 subdomains
As part of this free assessment offer for our early clients, we are hoping to collect some testimonials. Your input would be greatly appreciated!
Essential Assessment Tier
(Ideal for startups)
Includes:
In-depth assessment of your primary domain + up to 10 key subdomains most vital to your organization
Thorough manual review of all externally identified assets
A detailed report highlighting findings with clear recommendations to strengthen your security
Advanced Assessment Tier
(Ideal for small-medium organizations)
Includes:
In-depth assessment of your primary domain + up to 20 key subdomains most vital to your organization
Thorough manual review of all externally identified assets
A detailed report highlighting findings with clear recommendations to strengthen your security
Complete Assessment Tier
(Ideal for mature organizations)
Includes:
In-depth assessment of your entire domain including ALL your subdomains
Thorough manual review of all externally identified assets
A detailed report highlighting findings with clear recommendations to strengthen your security
How the process works:
1. Scoping & Authorization
You'll provide your organization’s domain (e.g., www.example.com) along with any relevant context such as specific areas of concern and rate limiting.
We will send over a Rules of Engagement (RoE) document outlining the scope, terms, and written authorization for the assessment. Written permission is required before any testing begins. We may also follow up with a few clarifying questions to finalize the scope and schedule.
2. Discovery Phase
We conduct scans to identify subdomains and directories using industry-standard tools with labelled headers to mark authorized traffic. This helps your business distinguish between authorized test traffic and potentially unauthorized or malicious scans.
We’ll also keep you updated throughout the process by notifying you through email before the assessment begins and once testing is complete and reporting has started.
3. Analysis & Reporting
Once discovery is complete, we manually review each identified asset for potential indicators of risk. Our findings are compiled into a straightforward report that prioritizes issues by potential impact along with recommendations to improve your external security posture.
4. Delivery
The final report will be delivered via email within the agreed time frame in PDF format. If you have any questions or need clarification about your report, you can reach out to us via email and we'll be happy to assist you.
Sample Report by RedLine pentesting
Get a firsthand look at a sample report, so you know exactly what to expect.
Frequently Asked Questions
How does this differ from a penetration test?
This is a non-intrusive assessment focused solely on identifying and analyzing public-facing assets. It does not involve exploiting any active attempts to breach your systems.
Will this affect my website or cause downtime?
Not at all. The assessment is designed to avoid any impact on your services or website performance by using rate limiters when we perform any scanning.
How long will the assessment take?
The length (and cost) of the assessment depends on several factors, including:
The size and complexity of your primary domain (number of pages, functionality)
The number of subdomains we’re testing
The type of services present (web apps, login portals)
During the initial scoping phase, we’ll provide an estimated timeline based on your organization.
what type of risks can this assessment uncover?
This assessment identifies externally visible risks that attackers could take advantage of. Common findings include but are not limited to:
Exposed or forgotten subdomains/directories
Outdated or unsupported web technologies
Publicly accessible admin panels or login portals
Service banners revealing sensitive information
what happens after i receive the report?
After you receive the report, you can review the findings and apply the recommendations at your own pace.
The report will highlight:
Key issues we discovered, organized by severity (high, moderate, low)
Clear explanations of the security concerns and their potential impact if exploited
Recommendations of steps you can take to fix the issues and strengthen your security
how is payment handled?
Once the necessary documents have been signed, you’ll receive an invoice via email.
Payment is split into two parts: 50% is due upfront to begin the assessment and the remaining 50% is due after the assessment is completed and the final report has been delivered. Secure payment can be made via e-transfer.
Still have questions? Feel free to reach out, we’re happy to help.
Page updated
Google Sites
Report abuse