rThreat Description

Providing measurement capabilities
rThreat Technology

rThreat enables Security Operation Centers, Information Security Professionals, and Incident Response Teams to conduct a pragmatic assessment of deployed cybersecurity solutions focused on objectively addressing cyber threats. To achieve this goal, rThreat uses a series of real artifacts, similar to those used by attack groups, to test a company’s security measures.

rThreat has two types of artifacts:


Known Artifacts

These are artifacts that correspond to known, persistent advanced threats. Known artifacts follow the different attack phases listed within the Attack Roadmap.


Unknown Artifacts

Also known as zero-day artifacts. What makes rThreat innovative is our team’s ability to write unknown malware and TTPs, which behave like those used by attack groups, to simulate attacks and validate a company’s security protocols.


Our technology applied to artifacts 

Known artifacts

Our Attack Roadmap illustrates the lifecycle of a known cyber attack. The artifacts released by rThreat allow us to evaluate established security solutions and find their corresponding execution in the attack phase, thus identifying important strengths and weaknesses.

How rThreat Works

rThreat uses HTTPS on all REST-type endpoints. It uses SSL/TLS-based security to create an encrypted channel that is more appropriate for sensitive information traffic than plain HTTP. The encryption level depends on the remote server and on the browser used by the client and its agent. This prevents sensitive information (such as usernames, passwords, files, etc.) from being analyzed by attackers who intercept the connection's data transfer. All they will obtain is a stream of encrypted data that is impossible to decrypt.

What Makes rThreat Unique

What advantage does rThreat have over other competitors? On-demand testing using new zero-day artifacts. rThreat's research team creates and deploys undetectable, unknown artifacts on the network layer and endpoint. We then notify our clients so they can perform security tests before the device ceases to be zero-day. By doing this, companies can objectively validate their security infrastructure and identify any weaknesses against zero-day attacks.