OSCP Synack Red Team

About Virtus Cybersecurity

Professional penetration testing backed by hands-on offensive security credentials, military special operations experience, and a structured, transparent methodology.

Professional Background

Virtus Cybersecurity is Jon Munson's freelance penetration testing practice — built on a career spanning Army infantry, special operations, cyberspace warfare, and elite commercial security research.

Certifications & Credentials

OSCP

Offensive Security Certified Professional — the gold standard in hands-on penetration testing. Earned through a rigorous 24-hour exam requiring real exploitation of live systems.

Synack Red Team

Member of the Synack Red Team (SRT) — a vetted group of elite security researchers conducting crowdsourced penetration testing for enterprise clients worldwide.

Veteran-Owned

Army veteran with infantry, special operations, and cyberspace warfare experience. Military discipline and adversarial thinking applied to every security engagement.

PTES Methodology

All engagements follow the Penetration Testing Execution Standard — a structured, repeatable framework from scoping through reporting that ensures thoroughness and consistency.

Background & Experience

Jon Munson brings a career in high-stakes environments to every security engagement. As a United States Army veteran with experience in infantry, special operations, and cyberspace warfare, Jon developed precision and discipline in adversarial operations that directly inform his approach to penetration testing.

After transitioning to the private sector, Jon earned his OSCP certification and joined the Synack Red Team — placing him among a small percentage of security researchers cleared to test enterprise systems for global organizations.

Virtus Cybersecurity was founded to bring that same level of rigor and professionalism to small and mid-sized organizations that need real security assessments, not just compliance checkboxes.

Every engagement is conducted personally by Jon. No subcontractors. No junior testers. When you engage Virtus Cybersecurity, you work directly with the practitioner.

Methodology: PTES

All engagements follow the Penetration Testing Execution Standard (PTES) — a structured, repeatable framework so clients know exactly what to expect at every stage.

Phase 1

Pre-Engagement

Define scope, objectives, and rules of engagement. Confirm legal authorization, identify compliance requirements, agree on testing windows (business hours, off-hours, or weekends), and document all constraints before any testing begins.

Phase 2

Intelligence Gathering

Passive and active reconnaissance of the target environment. Identify the attack surface: hosts, services, applications, exposed credentials, and organizational structure. OSINT techniques applied where in scope.

Phase 3

Threat Modeling

Identify which discovered assets and vulnerabilities represent the highest risk based on your specific environment, threat profile, and compliance requirements. Prioritize the attack vectors most likely to be exploited.

Phase 4

Vulnerability Analysis

Systematic identification of vulnerabilities through scanning, enumeration, and manual analysis. Document configuration weaknesses, missing patches, and exploitable conditions across the scoped environment.

Phase 5

Exploitation

Controlled exploitation of discovered vulnerabilities to demonstrate real-world impact. Post-exploitation activity (privilege escalation, lateral movement) only within agreed scope. Password attack depth agreed in pre-engagement.

Phase 6

Reporting

Detailed report with executive summary and technical findings. Each finding includes: description, evidence, CVSS risk rating, and specific remediation guidance. Written for both technical staff and business stakeholders.

Transparency by default: Before any testing begins, Jon discusses your environment in a pre-test meeting to confirm scope, testing windows, post-exploitation approach, blue team awareness, and social engineering interest. No surprises — every decision is documented and agreed upon in advance.

Professional Standards

A security assessment is only as trustworthy as the practitioner conducting it. These principles guide every Virtus Cybersecurity engagement.

Legal First

Signed ROE Required

Every engagement requires a signed Rules of Engagement document before any testing begins. This protects the client and confirms Jon has explicit legal authorization to conduct the specified assessment.

Data Security

Encrypted & Access-Controlled

All findings, credentials, and reports are treated as sensitive. Client data is encrypted at rest and in transit. Reports are delivered through the secure client portal, not email attachments.

Actionable Reports

Executive & Technical

Reports include both an executive summary for business stakeholders and detailed technical findings for remediation teams. Each finding includes specific, actionable remediation guidance — not just "patch this CVE."

Ready to Work With a Professional?

Tell us about your environment and security goals. We'll follow up with a proposed scope and engagement process.

Request a Quote

Questions? Email jon@virtuscybersecurity.com