Black Hills Information Security logo

Black Hills Information Security

Community-driven penetration testing firm known for free security education, open-source tools, Wild West Hackin' Fest, and practical offensive security services.

Featured in: Best Red Teaming Companies

Founded
2008
Team Size
11-50
Geography
National
Last verified: Apr 2026

Key facts

  • Founded in 2008.
  • Headquartered in Spearfish, South Dakota, United States.
  • Team of 11-50 security professionals.
  • Holds SOC 2 accreditation.
  • Delivers 8 penetration testing services.
  • Typical response time: 1-2 weeks.
  • Serves clients in North America.
  • Specialises in Active Defense, Threat Hunting, and Security Education.
  • Compliance expertise across NIST CSF, PCI DSS, HIPAA, SOC 2, and CMMC.

About

Black Hills Information Security is a penetration testing and security consultancy based in Spearfish, South Dakota, founded by John Strand in 2008. The company has built an outsized reputation relative to its location and size through its exceptional commitment to community education, open-source tool development, and deeply practical approach to offensive security. BHIS is widely known in the cybersecurity community for their free webcasts, training courses through their Wild West Hackin' Fest conference, and the Active Countermeasures platform for network threat hunting.

Compliance Expertise

Best For

Mid-MarketSMBGovernment

Methodologies

OWASPPTESNIST

Team Activity

Active in CTF competitions
Wild West Hackin' Fest Organizers
Speaker: Wild West Hackin' Fest
Speaker: DEF CON
Speaker: BSides
Speaker: SANS Summit
Open source: Active Countermeasures
Open source: Backdoors & Breaches

Is this your company?

Claim Black Hills Information Security to verify the listing, update your services and pricing, respond to leads, and add the Verified badge to your profile. Free for companies, we just need to confirm your business email.

Claim This Profile