Sometimes it takes a Blacklight
_
Offensive Security Experts
. /
When it comes to offensive security, we know what we're doing. We cover everything from penetration testing and red teaming, to dark web reconnaissance, DDoS testing, and beyond. Doing the bad stuff for good reason.
# >
Technical, through and through
We do what we do because we love it and we're good at it. We're technical through and through, working late into the night and venturing down whatever rabbit holes need exploring. And there's only one way for us to get better : keep doing it.
From the front lines, to the command line
>_
Our technical personnel are exclusively former and current military personnel, blending the worlds of physical security with digital. Reliable, consistent, disciplined and when the going gets tough : we can be trusted to get the job done.
Certifications
A collection of all the certifications held by Blacklight's offensive security specialists
OSCP
(OffSec Certified Professional)
Demonstrates the ability to identify, exploit, and remediate vulnerabilities through hands-on penetration testing across networks and systems
OSWP
(OffSec Wireless Professional)
Validates expertise in assessing, exploiting, and securing wireless networks and protocols.
OSED
(OffSec Exploit Developer)
Proves capability in advanced exploit development, reverse engineering, and crafting custom shellcode.
OSEP
(OffSec Experienced
Penetration Tester)
Shows proficiency in conducting advanced penetration tests including evasive attacks, AV/EDR bypass, and post-exploitation.
OSCE³
(OffSec Certified Expert)
Signifies mastery across exploit development, advanced penetration testing, and web application security, representing OffSec’s highest technical achievement.
GSOM
(GIAC Security Operations Manager)
Demonstrates ability to oversee and optimise SOC operations, workflows, and staff effectiveness.
GCIH
(GIAC Certified Incident Handler)
Shows expertise in detecting, responding to, and mitigating cybersecurity incidents.
GSTRt
(GIAC Strategic Planning, Policy & Leadership)
Proves skill in developing security strategies, policies, and governance aligned with business goals.
GEVA
(GIAC Enterprise Vulnerability Assessor)
Confirms ability to identify, assess, and prioritise enterprise vulnerabilities to reduce risk exposure.
GSLC
(GIAC Security Leadership)
Validates knowledge in managing security teams, budgets, and risk at the leadership level.
GICSP
(GIAC Industrial Cyber Security Professional)
Demonstrates expertise in securing industrial control systems (ICS) and OT environments against cyber threats.
CFCE
(Certified Forensic Computer Examiner)
Validates proficiency in digital forensic evidence collection, analysis, and reporting for legal or investigative use.
GEIR
(GIAC Enterprise Incident Responder)
Shows capability to lead and execute structured enterprise-level incident response efforts.
Red Team Ops
Proves advanced skills in adversary emulation, red teaming tradecraft, and bypassing modern defences.
GCFA
(GIAC Certified Forensic Analyst)
Confirms advanced expertise in deep forensic analysis, intrusion investigations, and incident response support.
PNPT
(Practical Network Penetration Tester)
Demonstrates real-world penetration testing ability, including external/internal assessments, OSINT, pivoting, and delivering professional findings to stakeholders.
CISSP
(Certified Information Systems Security Professional)
Validates broad expertise in designing, implementing, and managing enterprise security programmes across eight domains of cybersecurity.
