Using the latest tools and techniques
We are experts with them all
We can test them too!
NTF is an independent team of like minded individuals that has extensive experience with Red Team projects.
We Keep current on the latest issues, tools, and techniques.
We are security professionals with over 20 years of experience on red teams and have experience penetrating many different configurations of software, hardware, and network architecture. Collectively we hold CISSP, ENCE, CEH, IAM, BBSE, CPT, PMP, ITILv4 and other certifications.
Our overhead is low and we pass on the savings to our clients by having Top-Notch Efficiency and very stable and predictable costs. Another way we save you money is we are extremely fast - most of our engagements are less than a week long. Alternatively we can negotiate a retainer rate (capped hours) and you can use us when you need us. We may not be the cheapest, but we are extremely reasonable for what you get.
One of the largest issues in security projects is communications. With NotTheFed you don't just get an experienced and certified pentester, you get a certified and experienced project manager as well. We provide our clients a 24-hour point of contact so you never have to worry about communications issues, your concerns are ours as well.
We are dedicated and highly skilled, our customers always come first.
Director of Sales
Lead Mobile APP Tester
We have been privileged to work and grow with a diverse range of clients. We have performed tests on Hotels, Casinos, Online shops, Local and state agencies and many things in between. We work a lot with small companies that just can not afford the larger VAPT companies minimum rates.
Our External Vulnerability and Penetration test (VAPT) assesses your network perimeter and exposure to the Internet. This will include anything that is remotely exposed. Email, Web, routers, Firewalls, API's "everything"
Our Internal Vulnerability and Penetration test (VAPT) assesses your Internal network, and any devices reachable from a VPN System that we are granted full access to. This includes workstations, servers, cameras, printers, and just about everything you can think of that is on the Internal network. Our main goal here is to become "Domain Admin".
Advanced and very custom Phishing tests that will get a large portion of your targeted employees to expose userID's and Passwords. We generally run an average of 80% "click through".
Our Web Application Penetration Test (WAPT) is an assessment of the transactional elements of your web-based application. Applications such as online banking, online trading, eCommerce, Business to Consumer (B2C), Government to Citizen (G2C), or any other critical application, should have a comprehensive assessment of its security posture.