Red-team engagements, offensive security tooling, and adversarial testing. For authorised teams who want their infrastructure tested against realistic attack conditions — not scanner reports.
Scanners find known vulnerabilities. Red teams find the gap between what your defences are bought to do and what they actually do in practice. This is the gap that matters, and it's the gap we test.
Oxenex X5 covers three things: adversarial engagement services (physical penetration testing, social engineering under authorisation, full-scope red-team engagements), offensive security equipment retail (Wi-Fi assessment, RFID analysis, covert entry tooling — all verification-gated), and training programmes for internal security teams who want to develop their own adversarial capability.
We've written about what five years of physical penetration engagements reveal about how sites actually fail. The patterns are clear. The remedies aren't complicated. Most organisations just don't look for them until someone else does.
Everything on this layer operates under written authorisation. Before any engagement: rules of engagement document signed by the asset owner, legal review of scope, and a clearly bounded testing window. Before any equipment ships: verification of buyer identity, declared use case, and end-use compliance.
This is not bureaucracy — it's the difference between a legitimate security practice and something else. We decline engagements where authorisation isn't clean. We decline equipment orders where the use case doesn't hold up.
Most first-time clients start with a scoped physical penetration test — six to eight hours on site, defined objectives, a detailed report. It's the cheapest way to find out whether your security posture is where you think it is. From there, clients either schedule annual or semi-annual re-engagements, or move to broader programmes.
We also offer continuous red-team retainers for clients with critical infrastructure or high-value targets. Less common, more intensive.
Authorised physical penetration test of a mid-sized enterprise facility. Eight-hour engagement. Findings delivered; remediation path agreed.
Continuous red-team retainer for a critical infrastructure operator. Quarterly engagements, ongoing advisory, coordinated disclosure process.