We Pentest



PurpleLeaf is a better penetration test that covers your organization continuously.

PurpleLeaf is a platform powered by passionate, research-focused, penetration testers.

How it works

We scope the size and complexity of your application or infrastructure.

We provide a quote for the testing (just as you would a traditional annual pentest).

Within 1 – 2 weeks your pentest report will be available.

Periodic testing continues throughout the year and will receive monthly reports as well as notifications for new vulnerabilities, assets, and applications discovered.

Continuous Coverage

A traditional pentest can leave you vulnerable for 11 months of the year. Our testing is performed throughout the year. PurpleLeaf allows for even a small number of hours to provide coverage for longer periods of time. With our model, you only pay for what you need.

Complete Attack Surface Visibility

Most pentest reports fail to show what your attack surface really looks like. In addition to showing vulnerabilities, we visualize applications, show dangerous services, and group findings by your business units.

Better Visibility

See your overall security posture, and drill down to low level configuration data. We show you what attackers see.

Cloud Coverage

Easily connect cloud assets to keep cloud services in scope

Retest on Demand

Stop waiting for time consuming coordination. Retest issues on demand with the click of a button.

Purpleleaf is developed and operated by Virtue Security, a New York City
based consultancy exclusively focused on pentesting.


Drop us a line and see how we’re
changing the way pentesting is done.
Drop us a line and see how we’re
changing the way pentesting is done.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply