Lorikeet Security

Lorikeet Security is an offensive security platform that combines penetration testing, attack surface management, and compliance readiness in a single client portal. Built for SMBs and mid-market organizations, it delivers hands-on security testing alongside continuous visibility into external assets.

Penetration Testing as a Service (PTaaS) Scoped engagements across web applications, networks, cloud environments, and APIs. Clients receive real-time findings through the portal rather than waiting for a final PDF, with direct communication channels to the testing team throughout the engagement. Every test produces a formal report suitable for SOC 2, ISO 27001, and PCI DSS audit evidence.

Attack Surface Management (ASM) Continuous discovery and monitoring of internet-facing assets — domains, subdomains, IPs, certificates, exposed services, and leaked credentials. Alerts flag new exposures as they appear so teams can remediate before they are exploited.

Compliance & GRC Support Readiness assessments and evidence generation for SOC 2, ISO 27001, PCI DSS, and HIPAA. Includes policy templates, gap analysis, and penetration testing aligned to each framework's specific requirements.

Cybersecurity Awareness Training Phishing simulations and training modules for non-technical staff, with reporting for compliance and board-level visibility.

Lory — AI Security Assistant An in-portal AI assistant backed by a curated vulnerability knowledge base. Lory can answer remediation questions, explain findings in plain language, and take real actions inside the PTaaS portal such as pulling reports, surfacing asset details, and drafting remediation notes.

Lorikeet Security is operated by Lorikeet Corp, a U.S.-based offensive security firm. Engagements are delivered by experienced red team and penetration testing staff, with formal Rules of Engagement and Statements of Work issued before any testing begins.