Bishop Fox provides offensive security services focused on penetration testing, red teaming, and continuous threat exposure management. The company offers a range of security assessment services including application penetration testing, mobile application assessment, secure code review, cloud security testing, network security assessments (both external and internal), and product security reviews. Their service portfolio includes AI/LLM security assessments, social engineering, ransomware readiness testing, and incident response tabletop exercises. The company operates a platform called Cosmos that delivers attack surface management, application penetration testing, and external penetration testing services. Bishop Fox conducts vendor assessments including Cloud App Assessments (CASA), Oracle security assessments, and ioXt Alliance testing and certification. Their Continuous Threat Exposure Management (CTEM) services encompass attack surface discovery, attack surface testing, and emerging threat services. Bishop Fox serves enterprise clients across various industries and maintains a research practice that publishes security findings, open-source tools, and technical analysis. The company provides partner assessment programs and works with organizations to evaluate third-party risk. Their methodology emphasizes hands-on security testing delivered by security professionals rather than relying solely on automated tools or crowdsourced approaches.