Get actionable application security insights


We're offering a free application security hygiene assessment (valued at $250), so organisations can discover the assets they own and general state of security of these systems.

What you'll get

  • An application security hygiene assessment 
  • A report detailing assets within your perimeter, and their general state of security
  • A free consultation with our security experts

As part of our perimeter assessment, we'll assess your organization's exposure to Log4j.

Offer details

What does the assessment include?

As part of our free application security hygiene assessment, RedShield will discover the web-facing applications in your perimeter and their general state of security.

The output of this assessment is a report with a list of Fully Qualified Domain Names (FQDN) discovered, and any vulnerabilities identified on each FQDN.

What is an FQDN?

A Fully Qualified Domain Name (FQDN) is the complete domain name of a host, which is needed to make it accessible to the internet.

The FQDN follows the syntax [hostname].[domain].[top-level domain]. For RedShield's public-facing website,, ".co" is the top-level domain, "redshield" is the domain name, and "www." is the hostname.

If you are unsure of how to find your FQDN, please contact us.

What information do you use to produce the report?

To perform the application security hygiene assessment, we use our custom-built Open Source Intelligence (OSINT) scanner – a tool used to collect technical information from a variety of sources, such as Shodan (, Bit Discovery (, and SSL Labs (

How does the process work?

Complete the form, and we'll send you a report within days.

Our security experts are available for a free consultation to discuss the report, provide recommendations on next steps, and answer any questions you may have.

If there are critical findings identified in the report, you may wish to request a free trial. As part of the trial, relevant shields will be deployed to address vulnerabilities identified in the initial report. Configuration can be left in place for up to six weeks if you would like to conduct penetration testing to validate the effectiveness of the shields.