Knowledge Base

Questions, answered.

Everything you need to understand how Vatins engagements run — from adversary simulation to 24/7 SOC operations. Filter, search, or jump straight to the service you care about.

Talk to an Operator Explore Services

Services covered

Questions answered

Red team practices

Blue team practices

Browse the Knowledge Base

Pick a service, search a topic, or just start scrolling.

Filter by Red or Blue team, search by keyword, or open any service card to see every question we've heard from clients — with answers from the operators who run the engagements.

17 services · 36 questions

Red TeamingAdvance Threat Intelligence Assessment

Adversary Simulation (ATIA)

Realistic attack simulations that emulate sophisticated threat actors targeting enterprise environments.

Questions, answered.

Pick a service, search a topic, or just start scrolling.

Adversary Simulation (ATIA)

How is ATIA different from a penetration test?

How long does an engagement take?

Will the simulation disrupt production?

Do you need source code or insider access?

External & Internal Penetration Testing

Should we do external or internal testing first?

How often should we pentest?

Will testing affect uptime?

OSINT Investigations

How is OSINT different from a vulnerability scan?

Do you ever interact with our systems during the engagement?

Can OSINT feed into a red-team engagement?

How long does an investigation take?

Web & Mobile Application Security Testing

Do you test before or after release?

Can you test from a user account?

Social Engineering Assessments

Will employees know they were tested?

Is this legal?

Phishing Simulations

How often should we run phishing simulations?

Will this hurt employee morale?

Wireless Security Assessments

Do you need physical access?

Physical Security Assessments

Who knows about the engagement?

What if we're caught?

Exploit Development & Attack Simulation

Will the exploit be public?

Endpoint & Network Monitoring

Do you replace our existing SIEM?

What about cloud telemetry?

Malware Analysis & Mitigation

How fast is turnaround?

Vulnerability Management

Do you replace our scanner?

Incident Detection & Response

Do you offer IR retainers?

What if we can't isolate the environment?

Dark Web & Social Monitoring

What's your visibility into closed forums?

Dark Web Vulnerability Assessment (DWVA)

How is DWVA different from continuous dark-web monitoring?

How long does an engagement take?

Will you operate inside closed forums on our behalf?

What do you do with leaked credentials you discover?

Can findings be used in legal or insurance proceedings?

Is this safe — could attackers learn they're being watched?

SOC Monitoring

Where are your SOC analysts located?

Threat Hunting

How often should we hunt?

Looking for the deep dive on one capability?

Didn't find your answer?

Want a tailored answer for your environment?