Dimension scores are derived from public data and fields; weighted into the composite. Reference only.
Forensic Five is a cybersecurity monitoring and consulting firm based in Alberta, Canada. It focuses on public website security assessments, continuous monitoring, and expert consulting for high-confidentiality environments such as law firms, accounting and tax practices, financial advisors, healthcare administration, family offices, associations, and nonprofit organizations. Its product entry points include the free Tank Scan/website security assessment and the continuous monitoring product Tank Agent.
Based on the available text, its focus is not simply automated scanning, but “scanning + continuous observation + named analysts + evidence-grade reporting.” The free assessment covers SSL configuration, security response headers, open ports, exposed services, known external-surface risks, and more. Tank Agent performs regular rescans, tracks changes in certificates, DNS, headers, and external attack surface, and produces monthly reviews and quarterly audit narrative packages. Services also include audit assessments, web/network/mobile/cloud/red team/social engineering penetration testing, security training, virtual CISO, compliance consulting, and incident response. Its reports can be mapped to frameworks or obligations such as law society guidelines, SOC 2, ISO 27001, PIPEDA, NIST, and CIS, but it does not claim to hold those certifications itself.
Its free scan and free written website security assessment have a low barrier to entry, requiring no registration and carrying no commercial obligation. Continuous monitoring mentions founding-customer/early-access pricing and states that a written proposal will be provided based on the organization’s obligations, sites, and reporting frequency, but no specific prices, plans, or SLA are disclosed.
The advantages are Canadian data residency, confidentiality by default, reporting narratives suited to audits/insurance/board-level use cases, and a co-managed model that prevents automated tools from making unauthorized changes to infrastructure. The drawbacks are that public materials provide limited detail on pricing, customer case studies, certifications, SLAs, third-party integrations, and endpoint/cloud runtime protection capabilities, so further due diligence is needed before purchasing.
It is better suited to Canadian professional services firms, or organizations affected by Canadian data residency requirements, as well as small to mid-sized organizations that need to translate website security status into auditable written materials. It is less suitable as a replacement for a full-stack enterprise SOC, EDR, SIEM, or cloud-native protection platform.
The main text does not provide information on access from China, nodes, ICP filing, or Chinese-language support, so actual availability is unknown. If a China-based team is considering procurement, it is recommended to first verify site accessibility, report language, contracting entity, cross-border data requirements, and local compliance obligations.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on forensicfive.com official site.
forensicfive.com is an Canada pentest provider. TG4G tracks its product information, an overall rating of 6.0/10, and a China-accessibility score of Limited (proxy recommended). Click "Visit Official Site" to reach forensicfive.com directly.