Straight answers about how FireShield works, what it touches, and what an engagement looks like — the same answers you'd get from an engineer on a scoping call. If yours isn't here, ask us directly.
A scanner lists everything that could theoretically be exploited — often thousands of findings, none of them verified. FireShield walks the paths a real intruder would take, chains small issues together, and only reports what it has proven with evidence. You get a short, ranked fix list instead of a triage backlog.
Most engagements go from first email to a signed scope inside a week, and CloudShark typically confirms its first attack path within 48 hours of starting. Findings arrive in your dashboard live as they're proven, and the read-out with your ranked fix list usually lands in week two. After that the loop keeps running, re-testing as your environment changes.
Testing is run by CloudShark, our assessment engine, using the same techniques a skilled human attacker would — designed, supervised and quality-checked by FireShield engineers. Every confirmed path is reviewed by a person before it reaches your report, and an engineer walks your team through the results at the read-out.
CloudShark runs the same attack again. If the route is closed, you get a written all-clear confirming the fix worked; if it isn't, you'll know exactly why. Re-testing is part of every engagement, and the loop keeps re-checking after every change so the all-clear never goes stale.
Yes. CloudShark uses real attacker techniques but executes them safely — it proves a path is open without disrupting the systems on it. Across all assessments to date, zero live systems have been disrupted. Anything you consider too sensitive to touch is marked off-limits during scoping and stays that way.
Nothing. There are no agents, no appliances and no software to deploy or maintain. External testing starts from the outside, exactly as an attacker would, and internal or cloud testing runs through access we agree together at scoping.
On a thirty-minute call before anything runs. Together we write down what gets tested, what's explicitly off-limits, and when testing happens — nothing outside that document is ever touched. Scope can widen later as confidence grows; many clients start external-only and expand from there.
Yes. CloudShark tests AWS and Azure environments alongside your external perimeter and internal network, looking for the same thing everywhere: chains of small misconfigurations that add up to a real path. Cloud, on-premise or hybrid — the scope is yours to set.
Yes. An NDA is part of every engagement and is usually signed at or before the scoping call — we're happy to work from your paper or ours. Findings, evidence and reports are shared only with the people you name.
There are no public pricing tiers, because no two environments are the same size or shape. Every engagement is scoped and priced individually, based on what you want tested and how continuously. Tell us about your company and you'll have a concrete proposal, usually within one business day.
FireShield reports have been used to support SOC 2, PCI DSS v4.0, ISO 27001, NIS 2, HIPAA and Cyber Essentials requirements. Because every finding carries evidence and every fix a verified re-test, auditors get the artefacts they actually ask for: proof of testing and proof of closure.
Send a short note through the contact page about your company and what worries you. A real engineer — not a sales queue — replies within one business day with a draft scope. We hold a thirty-minute scoping call, sign the NDA, and testing starts on the date we agree.
Ask it directly. A real engineer replies within one business day — with answers, not a sales sequence.
Contact us