Coalfire DivisionHex Offensive Security provides offensive security services designed to simulate real-world attacks and identify vulnerabilities before adversaries can exploit them. The service combines human expertise with adversary tactics to test organizational defenses. The offering includes three main service areas: Adversary Services that conduct attack simulations targeting people, processes, and technology to identify blind spots and improve threat detection capabilities; Penetration Testing that uses manual testing techniques informed by real adversary tactics to identify and prioritize exploitable vulnerabilities; and Compliance Testing that combines Coalfire's third-party assessment organization (3PAO) expertise with offensive security testing to meet regulatory standards including PCI, HIPAA, and FedRAMP. The service tests various attack vectors including AI-integrated systems, physical access points, cloud REST API vulnerabilities, and generative/agentic AI systems. DivisionHex uses the same tools and tactics employed by real attackers to expose security weaknesses across the entire ecosystem. Testing capabilities extend to cloud environments, with specific focus on cloud REST API security. The service has demonstrated capabilities in AI security testing, including deep fake attacks and testing of AI systems.