Horangi Cyber Security - a Bitdefender company
Speciality: Penetration Testing and Offensive Security Services
Horangi Cyber Security is a Singapore-based private cybersecurity company with 23 employees, $21M annual revenue, and $23.1M in total funding; specializes in advanced security solutions, consulting, and managed services. Known for penetration testing services including web, mobile, network, API, and wireless assessments, it is a leading cybersecurity firm in Asia. Acquired by Bitdefender in 2023, it competes with firms like drs, comsec, and tookitaki.
SOC 2 Type II Certification
Origin
SOC 2 (Service Organization Control 2) was developed by the American Institute of Certified Public Accountants (AICPA) in 2011 as part of their Service Organization Control reporting framework. It was created to address the growing need for standardized security and privacy assurance as more organizations began storing data in the cloud and relying on third-party service providers. The certification was designed to evaluate how well service organizations manage customer data based on five "Trust Services Criteria": security, availability, processing integrity, confidentiality, and privacy. Type II specifically requires organizations to demonstrate these controls over a minimum period of time (typically 3-12 months), rather than just at a single point in time.
Industry Value
SOC 2 Type II certification is highly valued because it provides independent verification that a company has implemented and maintained robust security controls over an extended period. For service providers, achieving this certification demonstrates credibility and commitment to data protection, often becoming a competitive differentiator and a prerequisite for winning enterprise clients. Many organizations, particularly in healthcare, finance, and technology sectors, require their vendors to be SOC 2 Type II compliant before sharing sensitive data or establishing business relationships. The certification gives customers confidence that their service providers have been audited by qualified third parties and meet industry-recognized standards for protecting information assets.
CREST Cybersecurity Certification
Origin
CREST (Council of Registered Ethical Security Testers) was established in 2006 in the United Kingdom by a group of cybersecurity professionals and industry representatives. It was created to address the growing need for standardized, recognized qualifications in penetration testing and cybersecurity services. The organization emerged from concerns about the quality and professionalism of security testing services, aiming to provide a framework that would certify both individual practitioners and the companies that employ them.
Industry Value
CREST certifications are highly valued in the cybersecurity industry because they demonstrate a practitioner's technical competence and adherence to professional ethical standards. Many government agencies, financial institutions, and large corporations specifically require CREST-certified professionals when procuring penetration testing or security assessment services. The certification provides assurance to employers and clients that certified individuals have been independently verified to possess the necessary skills and knowledge, and that they follow established codes of conduct. This makes CREST credentials particularly important for cybersecurity professionals working in regulated industries or seeking to work with organizations that have stringent security requirements.
- Bruce Automotive Group
- Cora Systems
- Campai BV
- Ferrari
- Sharp
- GoTo
- Adaptive Mobile
- Netgear
- LogMeIn
- GFI Software
- Konica Minolta
- Acronis
- WatchGuard
- Infatica
- Titan HQ
- Kerio
- Endian