// engagement_entry

Engagement

A single protocol. Scoped on entry. Applied as the system reveals itself.

Engagement is defined by the four-phase protocol on the homepage. This page does not restate it. The protocol governs scope, cadence, prerequisites, and exclusions.

Entry does not lock scope. The protocol determines whether audit, adversarial testing, hardening, or termination is appropriate.

Read the protocol →

// modes_of_work

These are not standalone services. They are applied within the protocol.

Scope is not selected on entry. It is determined during Phase 01.

You do not choose a mode. The system determines what is required.

audit --scope production

Systematic review of production systems. Identifies vulnerabilities, failure modes, and security gaps. Findings are prioritized by blast radius and exploitability.

Constraint: Not a compliance checkbox. Findings require remediation commitment. We do not produce shelf-ware.

pentest --mode offensive

Controlled offensive testing against live systems. We think like attackers so you can defend like one. Exploitation paths are documented when observed. Fixes are attempted when in scope.

Constraint: Live system access required. No sandboxed demos. Results may be uncomfortable.

harden --policy fail-closed

Implementing fail-safe defaults, rate limiting, input validation, and defense-in-depth controls. Building systems that fail closed, not open.

Constraint: Requires architectural authority. Cannot bolt security onto systems with no ownership.

If the protocol fits your system, the next step is Phase 01.

initiate --contact