RedVeil is designed to mimic the behavior of a real human threat actor while taking appropriate precautions to minimize risk to production systems.
Testing is intentionally rate-limited and follows human-like workflows rather than aggressive, automated scanning. This approach helps reduce unnecessary load and avoids behavior that would be unrealistic in real-world attack scenarios.
However, no penetration test - whether automated or manual - can ever guarantee zero impact on production systems. Penetration testing is specifically intended to exercise behaviors and edge cases that systems were not designed to encounter.
💡 Helpful to know
RedVeil’s team has extensive penetration testing experience, and the platform includes multiple safeguards to reduce risk wherever possible. That said, we recommend notifying stakeholders and avoiding peak business hours when testing production environments.
RedVeil does not perform denial-of-service (DoS) or stress testing. Testing is focused on security validation, not availability testing.