Add the technical-detection layer to your social-engineering engagement.
You already test the human layer. We add the detection layer alongside it, so the customer gets one joint report covering both. You keep the customer relationship. We deliver the technical evaluation under your banner.
Fragile under real conditions
assumed to be holding
The technical control your engagement assumes is working.
under ordinary traffic
It drops below a coin flip on normal platform compression alone, with no crafted attack.
The collapse we document needs no crafted attack: ordinary platform compression alone pushes detection below a coin flip.
Read the benchmarkTwo ways to red-team a detector.
Both engagements run on the same dataset and the same methodology. They differ in who initiates them, who owns the customer relationship, and what the report says on the cover.
01
You submit a detector. We red-team it.
An independent red team against your own model. We attack your detector with the fraud that is actually circulating, under the conditions a real platform imposes, then return a verdict: pass, conditional, or fail. Where it breaks, you get the exact recipe that beat it, so you can fix it.
- Initiated by
- The detection vendor
- Duration
- 4 to 6 weeks, fixed scope
- Deliverable
- Red-team report with a verdict, per-group results, and the recipes that broke it
- Used for
- Procurement evidence, marketing-claim validation, pre-release QA
02
Your red team brings us in for the technical layer.
A partnership with red-team and security-awareness firms. The partner runs the engagement and keeps the customer; we add an independent review of the detection technology in scope, so the end customer leaves with one joint report covering both the human and the technical layer.
- Initiated by
- A red team or security-awareness partner
- Duration
- Matches the host engagement
- Deliverable
- Single joint report covering human and technical layers
- Used for
- Enterprise security audits, joint customer engagements
Pick the shape of engagement that fits.
We co-deliver under your banner: you keep the customer and the social-engineering scope, we add the detection-layer evaluation and the joint exhibits. One report, two layers covered.
One-time evaluation
You submit a detector. We return a verdict and the recipe behind any failure.
Continuous retest
Quarterly re-testing on a retainer as attacker tooling shifts.
Co-delivered engagement
We run the detection-layer evaluation inside your engagement, under your banner.
- 1Kickoff and scope
- 2Connect your detector
- 3We attack it
- 4Analysis and what broke it
- 5Verdict and debrief
One report, two layers
The joint deliverable, covered.
You keep the customer
We never sell into your account; the relationship stays yours.
Two layers, one statement of work
Your human-layer attack and our detection-layer evaluation in a single joint report.
Per-channel detection metrics
Included in the joint report by default, broken out by channel and group.
One measurement layer, every side of it.
Whichever side you are on, the same arms race runs underneath. See how we serve the rest of the market, or go straight to scoping your own evaluation.
Co-deliver with us.
Keep your customer and your social-engineering scope. We add the detection-layer evaluation and the joint exhibits, under your banner.