Know our SOC / CERT


We offer both ad hoc assistance during incidents and a proactive service of constant 24/7 monitoring of IT resources in terms of cybersecurity (threat intelligence and threat hunting using RedEye) and immediate response to incidents (computer forensics and intrusion analysis). We invite you to familiarize yourself with the SOC-as-a-Service service offered by our Security Operations Center (SOC) team.

Security Operations Center (SOC)


Security Operations Center (SOC)

Security Operations Center (SOC) is a team that constantly monitors the infrastructure for cybersecurity threats and responds to incidents such as hacker attacks.



We provide SOC outsourcing operating 24/7 and consisting of three lines of support – to learn more about our offer related to SOC/CERT/CSIRT services visit RTFS.PL.


REDTEAM.PL CSIRT (RFC 2350) is a recognized incident response team CERT/CSIRT and a member of the Trusted Introducer. We have published numerous security research on our techblog:

REDTEAM.PL combines real competences both in the field of offense and defense, and our cybersecurity research is widely recognized in the world. We use our extensive knowledge and several years of experience on proactive threat hunting. In addition, we also act as an IT Expert Witness to assist law enforcement in the fight against cybercrime.

Cybersecurity Experts

Our team has real experience in both offensive and defensive security. We offer services such as penetration testing, red teaming and social engineering excercises, as well as incident response and digital forensics. We have achievements in both of these areas, such as numerous credits for the vulnerabilities found, as well as recognized publications and research on defensive security. All this is additionally supported by dozens of references from satisfied customers. The high quality of the services offered is of key importance to us. Some of the media coverage or public apprecation of our work:

Our approach

We provide a wide range of advanced technical cybersecurity services, both in the field of defense and offense. Thanks to our diverse experience in many IT security specializations, we have a broader perspective on the implementation of each individual service. Our approach is based on many years of professional experience in the cybersecurity field and is based on three basic assumptions – prevention, detection and response.

Penetration Testing


Prevention by testing existing security measures and detecting weaknesses, security audits, vulnerability assessment, application security, penetration tests, cloud security reviews, social engineering and red teaming exercises.

Threat Hunting & Threat Intelligence


Proactive threat detection, threat intelligence and threat hunting using our proprietary RedEye solution and renowned endpoint protection software to effectively identify threats.

Digital Forensics & Incident Response


Incident response, malware analysis and computer forensics, including securing of evidence in accordance with standards. We have the status of a IT Expert Witness in Poland.

See the Competencies of Our Team

Our team identified and responsibly disclosed multiple critical and high rated vulnerabilities in popular global utilized products. We received acknowledgements eg. from the following organisations: