RedSecLabs

RedSecLabs (RSL) is a CREST-certified penetration testing and PCI QSA consultancy founded in 2023 and headquartered in London. The company was established by Rafay Baloch, an internationally recognised cybersecurity researcher, and has rapidly grown to serve over 100 clients across more than 25 countries. RedSecLabs combines hands-on offensive security expertise with compliance assessment capabilities.

RedSecLabs offers a comprehensive suite of penetration testing services including web application testing, mobile application assessments, API penetration testing, network penetration testing, and cloud security testing across AWS, Azure, and GCP platforms. Beyond penetration testing, the company delivers adversary simulation and red team assessments, incident response and computer forensics, security reviews and code audits, and Web 3.0 and blockchain security assessments.

RedSecLabs achieved CREST certification in June 2025 and is recognised as a Qualified Security Assessor (QSA) Company by the PCI Security Standards Council. The company serves clients across the financial services, retail, and software sectors, with a 94% recurring client rate and over 250 successful projects delivered.