Multi-Dimensional Risk Management: RedSpy Takes PenTesting From Cool To Super Cool With The SIG

RedSpy365 is a penetration testing and threat modeling platform that combines hundreds of security tools including the 2024 Shared Assessments Standardized Information Gathering Questionnaire (SIG) to measure and manage risk. This paper describes how RedSpy365, and founder Darren Manners, utilize the SIG to better understand control objects and allow users to quickly ascertain management responses to questions and expectations around security events automatically in real-time. Put on your 3D risk management glasses and enjoy the view!