Ballpoint is a French cybersecurity company headquartered in Paris, specializing in offensive security services and information system security. The company is ISO 27001 certified by BSI Group and is referenced on the French government's cybermalveillance.gouv.fr platform. It is also a member of the Platform58 incubator of La Banque Postale. Its core service offering includes penetration testing across web, API, mobile, and desktop applications, as well as internal and external network pentests. Beyond standard pentesting, Ballpoint conducts Red Team exercises that simulate realistic attack scenarios involving phishing, exploitation of external vulnerabilities, and physical intrusion. The company also runs phishing simulation campaigns to test employee awareness, performs configuration audits for cloud environments and application deployments, and conducts architecture audits to evaluate defense-in-depth and network flow management. Additional services include incident response and digital forensics to support organizations that have experienced a cyberattack, security awareness training for employees, and secure development training for developers. Ballpoint also offers project security consulting for organizations seeking to integrate security into new initiatives. In addition to its services, Ballpoint develops and operates Trapster, a deceptive security software product. Trapster is designed to detect network intrusions and lateral movements using honeypots and honeytokens. The company maintains a technical blog covering topics such as cryptography, cyberattack case studies, and certification guides.