Offensive Security Experts
Let us find your faults first.
Expert Professionals
with years of experience working in and with the public and private sector.
Efficient Testing
that won’t disrupt business and can take place remotely or in person with the same effect.
Exacting Reports
to ensure you don’t just know about your problems; you can solve them.
Our Process
REDSEC’s experienced professionals help you take your security to the next level. There’s no such thing as a standard penetration test or vulnerability scan. We work with you to plan testing that flexes to your business needs. REDSEC offers Infrastructure Penetration Testing, Phishing Attack Assessments, Source Code Review, Vulnerability Scanning, Web Application Penetration Testing, and Wireless Penetration Testing. All of our services can be remote or on site. You may have been tested before, but not like this. Rely on REDSEC to find your faults first.
Our Services
Infrastructure Penetration Testing
Perimeter infrastructure isn’t as porous as it used to be. In our experience, most infrastructure security threats stem from misconfiguration and human oversight. Automated testing cannot find these common errors. Our veteran engineers have you covered.
Phishing Attack Assessments
Modern attackers exploit this to target organizations via highly-sophisticated phishing campaigns. We test the human element within your network. Our engineers work with you to craft a custom phishing campaign. Get the statistics you need to inform decisions and secure your network.
Source Code Review
If you’re looking for a security review of your application code we have cost-effective solutions to help.
Vulnerability Scanning Services
Don’t let vulnerability scanning burden your team. If your vulnerability scans are taking too long , you are struggling to prioritize vulnerabilities, or are looking for a scan to meet compliance needs we have options to help.
Web Application Penetration Testing
Many applications simply present database views to the internet. Need assurance that there’s not a back door into the whole dataset? You want us to discover flaws before someone else does.
Wireless Penetration Testing
Attackers have increasing interest in compromising corporate networks and gaining footholds within internal environments. NuHarbor’s wireless network penetration testing engineers find the holes in your network before someone else does.
Our Team

Martin
Prior to joining NuHarbor Security, Martin spent several years as a web application developer before discovering that breaking web applications was a better fit. He holds a B.S. in computer science and has competed in the Collegiate Cyber Defense Challenge at the national level. In his free time, Martin enjoys hiking and biking around the world (literally).

Mackenzie
Mackenzie is a Web Application Penetration Tester at NuHarbor Security. She has been a part of two NuHarbor teams: both Information Assurance and REDSEC. She is passionate about all aspects of security and has degrees in both Cybersecurity and Digital Forensics. When not in the office, she’s usually aimlessly wandering around Vermont or spending way too much time on Twitter.

Eric
A self-confessed coffee junkie and pepper head, Eric has been working with NuHarbor Security as an Operator since its early years. He has over 20 years of experience writing bugs software and working with various technologies. He enjoys reverse engineering software and taking just about anything apart. With enough coffee, you can do just about anything, which he recently proved by obtaining his OSWE certification.

Sonya
Sonya leverages her past experience to hunt for vulnerabilities both externally and internally. Prior to joining REDSEC at NuHarbor Security, she held career positions as an Information Technology instructor, Network Administrator, and Senior Systems Administrator. She served as a member of the Vermont Army National Guard Critical Infrastructure Team. She participated in several regional and national cyber security exercises with various government and civilian entities. In her spare time, she enjoys spending time with her family, watching horror movies, and putting up with her husband’s crazy antics.

Randy
Randy is an experienced Offensive Operator with over 15 years of technical expertise in the Information Security space. Over the course of Randy’s career, he has developed and supervised penetration testing and red team operations for both private-sector and government clients. As a member of the U.S Army, Randy served in numerous technical roles within the Cyber Operations realm. When not helping clients discover their security shortcomings, Randy enjoys spending time with his family and coaching youth hockey.

Kyle
Kyle joined NuHarbor in the very early days; picture a single table for the entire Crew. He founded the offensive cyber operations arm at NuHarbor Security. He has consulted with hundreds of organizations, assisting them with all aspects of information security from controls assessments, to defensive operations, and security architecture design. To this day, he works closely with the REDSEC team to improve the TTPs and offers a unique blend of technical know how, and business sense during the team’s engagements.

Remote Assessment Vulnerability Exploitation Node
The RAVEN allows our REDSEC team to remotely simulate offensive actions against your system just as though they are on site. RAVEN is the next best thing to having one of our operators on premises.
- Secure and Convenient
- Lower profile and less logistics than on site staffing
- Easier scheduling
- Allows for testing at multiple sites
- Allows for remote access for all of REDSEC’s offensive security activities
- Device is mailed in a ruggedized case and only needs network and power to operate
- Allows for testing with travel and work restrictions related to COVID-19