Skip to content
  • Home
  • Company
  • Platform
  • Solutions
    • AI SOC
    • Offensive Security
    • Threat Intelligence
    • Vulnerability Management
    • Cyber Governance
  • Blog
  • Contact
  • EN
    • PT
    • ES
  • No Access
  • Home
  • Company
  • Platform
  • Solutions
    • AI SOC
    • Offensive Security
    • Threat Intelligence
    • Vulnerability Management
    • Cyber Governance
  • Blog
  • Contact
  • EN
    • PT
    • ES
  • No Access
  • Home /
  • Solutions /
  • Offensive Security
  • OFFICE SECURITY & ADVERSARY SIMULATION

See your network the way an attacker does — before one does

Mercurius runs manual-led Red Team, penetration testing and cloud assessments that don’t just list vulnerabilities — they prove the exact path an adversary would take to your crown jewels, and how to close it.

  • OWASP · OSSTMM · MITRE ATT&CK
  • Manual-led testing
  • BR · CL · US
Request a maturity assessment

or

Message a Specialist on WhatsApp
Attack Path → Crown Jewels RED TEAM
External Recon TA0043 · exposed asset Initial Access TA0001 · web exploit Priv. Escalation TA0004 · misconfig Lateral Movement TA0008 · cred reuse Crown Jewels
5 steps · 0 alerts triggered ● objective reached

100%

Manual-led, operator-driven engagements

3+

Frameworks every test maps to

3

Countries: Brazil, Chile, USA

PT·EN·ES

Reporting and debrief languages
  • DEFINITION

What is offensive security?

Offensive security is the practice of testing an organization’s defenses by emulating real adversaries — actively finding, exploiting and chaining vulnerabilities to prove what an attacker could actually achieve. Unlike a vulnerability scan, which lists weaknesses in isolation, offensive security demonstrates attack paths: how an exposed asset leads to initial access, privilege escalation, lateral movement and, ultimately, a business-critical outcome. It spans penetration testing (scoped, technical depth) and Red Teaming (objective-driven adversary simulation that also tests detection and response).

Red Team
Penetration Testing
Adversary Simulation
MITRE ATT&CK
OWASP
OSSTMM
Attack Path Mapping
Privilege Escalation
Lateral Movement
  • WHAT WE DELIVER

One governance program. Four jobs done.

From executive leadership to the slide your board actually reads — each capability stands alone or works as a single, mapped program.

  • 01 / RED TEAM

Red Team & Adversary Simulation

Objective-driven, stealth-focused operations that emulate a real threat actor end to end — testing not just your controls, but whether your team detects and responds before a defined business objective is reached.

MITRE ATT&CK
Detection & response
Assumed breach
  • When you need to test resilience, not just exposure
  • 02 / PENTEST

Penetration Testing

Internal and external testing of networks, applications and infrastructure with manual depth that scanners miss. Findings come with proof of exploitation and remediation guidance your engineers can act on.

OSSTMM
OWASP
Internal & external
  • When you need audit-ready proof (PCI DSS, ISO 27001, LGPD)
  • 03 / APPSEC

Application & API Security

Security assessments for web apps, mobile apps and APIs — business-logic flaws, authentication and authorization gaps, and the API risks that automated tools routinely overlook.

OWASP Top 10
OWASP API Top 10
Business logic
  • When you're shipping software and can't ship breaches
  • 04 / CLOUD

Board Reporting

Identify and exploit misconfigurations and excessive privilege across AWS, Azure and Google Cloud — the IAM, exposure and lateral-movement paths that turn one weak setting into full compromise.

AWS
Azure
Google Cloud
IAM
  • When your perimeter is now your cloud configuration
  • HOW IT WORKS

A disciplined engagement, start to retest

Every offensive engagement follows a defined, low-risk process agreed with your team before a single packet is sent.

01

Scope & rules

Targets, objectives, allowed techniques, escalation contacts and safe windows agreed in writing.

02

Recon

Map the real attack surface — exposed assets, identities and entry points an adversary would find.

03

Exploitation

Find, exploit and chain findings to prove impact, with a live activity log and a defined stop procedure.

04

Reporting

Executive and technical reports, findings rated by impact, mapped to your compliance frameworks.

05

Retest

Complimentary retest to confirm fixes hold — and a direct debrief with your security team.

 
  • WHAT YOU RECEIVE

Findings the board and the engineers can both act on

  • Executive report — risk in business language, ready for the board and cyber-insurance review.
  • Technical report — reproduction steps, evidence and severity for every finding.
  • Prioritized remediation — what to fix first, by exploitability and impact.
  • Compliance mapping — findings aligned to PCI DSS, ISO 27001, SOC 2 and LGPD.
  • Retest & debrief — validation that fixes hold, plus a live session with your team.
Findings Summary Engagement #MS-OS
Exposed admin interface → RCE CRITICAL
IAM over-privilege (cloud) HIGH
Broken object-level auth (API) HIGH
Credential reuse across segments MEDIUM
Attack path to crown jewels CONFIRMED
  • WHY MERCURIUS

Offensive-led by design — not a checkbox vendor

Most providers bolt a pentest onto a defensive practice. We start from the attacker’s perspective. That means findings that reflect how breaches actually happen, validated by people who have run security on both sides of the table.

Our leadership and operators work across Brazil, Chile and the United States — so you get regional regulatory fluency and reporting in the language your team and board actually use.

"A vulnerability list tells you what's broken. An attack path tells the board what's at stake — and that's the conversation that gets things fixed."
Marcos Reis​
CEO, Mercurius · former CISO for Latin America, Itaú
  • FAQ

What security leaders ask before engaging

What's the difference between a penetration test and a Red Team engagement?

A penetration test is a scoped, time-boxed assessment that finds and exploits as many vulnerabilities as possible in a defined target. A Red Team engagement is objective-driven and adversary-emulating: it tests whether your detection and response can stop a determined attacker from reaching a specific business outcome, using stealth and the full attack chain. Pentests measure exposure; Red Teams measure resilience.

Does a penetration test satisfy PCI DSS, ISO 27001 or LGPD requirements?

Yes. Independent penetration testing is an explicit control in PCI DSS, supports the technical-measures requirements of LGPD and GDPR, and provides audit evidence for ISO 27001 and SOC 2. We format reports to map each finding to the relevant framework so they stand up in audit and board review.

Are your tests manual or automated?

Manual-led. Automated scanners are used for coverage, but every engagement is driven by experienced operators who chain findings, bypass controls and reproduce real attacker behavior. You receive validated, exploitable findings with proof of impact — not a scanner export full of false positives.

What do we receive at the end of an engagement?

An executive report for the board and a technical report for your engineers, every finding rated by business impact and exploitability, reproduction steps, prioritized remediation guidance, and a complimentary retest to confirm fixes. We also debrief your security team directly.

How do you protect our production environment during testing?

Every engagement begins with a formal scoping and rules-of-engagement agreement defining targets, allowed techniques, escalation contacts and safe windows. Operators follow OSSTMM and OWASP methodologies, keep a live activity log, and have a defined stop procedure. Sensitive actions are coordinated with your team in advance.

Why choose Mercurius for offensive security in Latin America?

Mercurius is offensive-led by design, operating in Brazil, Chile and the United States with delivery in Portuguese, English and Spanish. Our leadership includes a former CISO for Latin America at one of the region’s largest banks, so engagements are run by people who understand regulatory and board expectations across the region.

  • GET STARTED

Find your attack path before someone else does

Tell us your environment and objective. We’ll come back with a scoping proposal and a recommended engagement — no obligation, no pressure.

  • Response within 1 business day
  • NDA-first
Transparent Shooting Stars

Ecosystem

A Unified Cybersecurity Ecosystem

Mercurius integrates best-in-class cybersecurity platforms to deliver automated and intelligence-driven security operations.

Strengthen Your Cyber Resilience Today

Our team helps organizations detect threats earlier, respond faster, and reduce cyber risk through intelligence-driven security operations.

Speak With a Specialist
  • Platform
  • Solutions
  • Threat Intelligence
  • Company
  • Resources

© Mercurius. All rights reserved. contact@mscyber.tech