In many countries, government agencies resort to third parties to acquire security services of many kinds, including Red Team operations to test the effectiveness of own defenses mechanisms. Absolute trust is a key requirement, lest a potentially devastating finding be exploited by a treacherous Red Team against the same entity which commissioned the operation, or sold to its adversaries. In our endeavour as a joint private-academic initiative to address this peculiar market, we observed that a structured approach to this issue is much less common than we would have expected. In this work, we outline the process we are devising to offer customers a verified environment, but integrating it with an evidence-based proof of their correct behavior during the operation, striving to solve the "Quis custodiet ipsos custodes" struggle in an offensive setting.