Find a pentest company with CREST
444 companies have this certification
CREST Cybersecurity Certification
Origin
CREST (Council of Registered Ethical Security Testers) was established in 2006 in the United Kingdom by a group of cybersecurity professionals and industry representatives. It was created to address the growing need for standardized, recognized qualifications in penetration testing and cybersecurity services. The organization emerged from concerns about the quality and professionalism of security testing services, aiming to provide a framework that would certify both individual practitioners and the companies that employ them.
Industry Value
CREST certifications are highly valued in the cybersecurity industry because they demonstrate a practitioner's technical competence and adherence to professional ethical standards. Many government agencies, financial institutions, and large corporations specifically require CREST-certified professionals when procuring penetration testing or security assessment services. The certification provides assurance to employers and clients that certified individuals have been independently verified to possess the necessary skills and knowledge, and that they follow established codes of conduct. This makes CREST credentials particularly important for cybersecurity professionals working in regulated industries or seeking to work with organizations that have stringent security requirements.
4ARMED
Cybersecurity company specializing in CREST-certified penetration testing, consultancy, and training; based in the United Kingdom with 2 employees and $2,002 annual revenue; focuses on securing cloud-native, web, mobile, and network environments.
PeopleSec™
Cybersecurity and investigations company specializing in human-centric security services; 3 employees, $22.8M revenue, founded 2015 in Huntsville, Alabama; offers penetration testing, security awareness, and social engineering solutions; 50% YoY growth, 5.0/5.0 employer rating.
Bishop Fox
Bishop Fox is a private cybersecurity firm specializing in offensive security, including continuous penetration testing, red teaming, and attack surface management; 235 employees, founded in 2005, headquartered in Tempe, Arizona; $75M annual revenue, $197.1M total funding, Series B in 2022-11-15; recognized leader in pentesting and security assessments.
Cobalt
Cybersecurity company specializing in offensive security and penetration testing services; 263 employees, $40M annual revenue, founded 2013 in San Francisco, CA; $37M funding, Series B in 2020; leader in pentesting as a service with a global rank of #218,785 and 168,644 monthly visits.
Bugcrowd
Bugcrowd is a cybersecurity company specializing in crowdsourced penetration testing and attack surface management; with 2,332 employees, $11.4B annual revenue, founded in 2012, headquartered in San Francisco, CA, and $230.7M in total funding, it provides a platform for security testing across various domains, emphasizing risk-based vulnerability management and threat mitigation.
HackerOne
Cybersecurity company specializing in vulnerability management, bug bounty, and penetration testing; 3,643 employees, $50M revenue, founded 2012 in San Francisco, CA; offers pentest services via PTaaS with vetted elite hackers; $159.4M total funding; global leader in CTEM; over 1.49M monthly website visits, ranked #28,429 globally.
Emagined Security
Cybersecurity company headquartered in San Carlos, California; offers penetration testing, managed SOC, vCISO, and other cybersecurity services; now part of Neovera after acquisition; CREST-certified pentest provider for network, application, and red team testing.
Stop wasting time on security questionnaires
ResponseHub uses AI to automate your security questionnaire responses. 100% confidence, save days, unblock deals.
Tac Security
Cybersecurity firm specializing in risk-based vulnerability management and cyber risk quantification; offers advanced vulnerability detection, penetration testing, and attack surface management. Headquartered in San Francisco, CA; provides CREST-registered penetration testing and continuous attack surface testing.
Artifice Security
Cybersecurity company specializing in penetration testing; veteran-owned firm with 2 employees, founded in 2016, based in Denver, Colorado, USA; provides real-world attack simulations on networks, devices, web apps, infrastructure, and personnel to identify security risks.
Optiv
Cybersecurity consulting firm based in Denver, Colorado; provides penetration testing, vulnerability assessments, and cyber risk management services. Offers manual and automated pentest solutions, including white/grey/black box testing, with ongoing vulnerability exposure programs.
ManticoreAI
Cybersecurity company specializing in AI-powered penetration testing; founded 2025, 4 employees, Wilmington, Delaware, United States; offers rapid, continuous security assessments to reduce costs and improve security.
Orenda Security LLC
Cybersecurity company specializing in offensive security and penetration testing; CREST-accredited with 2 employees, founded in 2017, headquartered in Orlando, Florida, offering network, application, cloud, mobile, IoT security, and PCI DSS assessment services.
Kaseya
IT management software and security solutions provider based in Miami, Florida; offers integrated platform serving 365+ customers; provides penetration testing services via CREST-approved Vonahi Security, including automated network attack simulations to identify security gaps.
Vonahi Security
Computer and network security company specializing in automated penetration testing; offers vPenTest platform with real-time monitoring and compliance support; 21 employees, $3M revenue, founded 2018, headquartered in Atlanta, GA.
Advertise on pentest.fyi
You could be here!
VerSprite Cybersecurity
Cybersecurity IT services and consulting firm specializing in penetration testing, red teaming, and security assessments; founded 2007, headquartered in Atlanta, Georgia; 33 employees, $1.5M revenue; recent CREST/CIS accreditation; focuses on value-driven security solutions.
Forvis Mazars US
Public accounting and consulting firm based in Atlanta, Georgia, providing cybersecurity testing including penetration testing and ethical hacking; principal office located at 191 Peachtree Street NE, Suite 2700, Atlanta, GA 30303.
Coalfire
Coalfire is a cybersecurity and compliance services provider based in Chicago, Illinois, founded in 2001. With 676 employees and $200M annual revenue, it specializes in penetration testing, vulnerability assessments, FedRAMP, cloud migration, and AI risk management, serving enterprise, healthcare, and finance sectors. The company has received $9.4M in funding and is known for offensive security capabilities, including penetration testing services.
Commtech Industries
Cybersecurity company based in Metairie, Louisiana, providing penetration testing services; explicitly lists 'Network Penetration Testing' as a core offering, indicating expertise in ethical hacking and security assessments.
KoreLogic
KoreLogic is a private cybersecurity company specializing in penetration testing and security consulting; with 10 employees (+5.6% YoY growth), $20.3M annual revenue, founded in 2004, headquartered in Annapolis, Maryland, USA. They provide comprehensive testing services including mobile, cloud, web, social engineering, red teaming, and product security, serving Fortune 100 clients and the U.S. government.
Triaxiom Security
IT services and consulting company specializing in cybersecurity; offers penetration testing, security audits, and strategic consulting; 9 employees with 18.2% YoY growth; $3.0M annual revenue; based in Charlotte, North Carolina.
Primeon, Inc
IT services and consulting company specializing in enterprise application security, penetration testing, cloud security assessments, and code reviews; 11 employees with 3.7% YoY growth, $26.9M revenue; founded 1995; headquartered in Woburn, Massachusetts.
NetSPI
Cybersecurity company specializing in penetration testing and proactive security solutions; 449 employees, $125M revenue, $500M funding; headquartered in Minneapolis, Minnesota; founded 2001; offers application, cloud, blockchain, and network pentesting, with active PTaaS platforms for web and network security.
MSP Pentesting
IT services and consulting firm specializing in manual penetration testing for MSPs and vCISOs; based in Bozeman, Montana, with 3 employees and 150% YoY growth since 2021; focuses on cybersecurity, compliance, and advisory services.
CBIZ Pivot Point Security
CBIZ Pivot Point Security is a private information security consulting company founded in 2000, based in Hamilton Township, New Jersey, with 12 employees and $6.6M annual revenue. They specialize in information security management systems, compliance, penetration testing, and related consulting services, serving clients needing to demonstrate security and compliance. The firm has a declining YoY growth of -31%, a web presence with 9,795 monthly visits, and is positioned within a niche market against competitors like ssc-ict and Iron Bow Technologies.
BreachLock, Inc.
Cybersecurity company specializing in attack surface discovery, penetration testing, and red teaming; 88 employees with 3.4% YoY growth; founded in 2019; based in New York, NY; secured $3.1M in funding; CREST-accredited penetration testing provider; active in global security testing and vulnerability management.
FAR INDUSTRIES
Cybersecurity company specializing in high-end penetration testing, vulnerability assessments, and security consulting; founded in 2017, headquartered in New York, NY; 2 employees; offers diverse pentest services including application, internal, external, mobile, PCI, social engineering, and red teaming.
OSec
Cybersecurity services provider specializing in penetration testing across application, network, cloud, OT, mobile, IoT, and AI environments; headquartered in New York, NY, United States; offers expert consulting and the Incenter platform for security management.
PwC
PwC (PricewaterhouseCoopers LLP) is a professional services firm with 120,836 employees and $55.4B annual revenue, based in Charlotte, NC; offers assurance, tax, advisory, and cybersecurity penetration testing services, including Red Teaming, Web, Infrastructure, Mobile, OT/ICS, and IoT Hacking, recognized as a CHECK-approved provider.
Evoionos LLC
Cybersecurity company specializing in penetration testing and security assessments; 9 employees with 100% YoY growth; based in Austin, Texas, United States; offers digital forensics, incident response, threat intelligence, AI/ML security solutions.
Stop wasting time on security questionnaires
ResponseHub uses AI to automate your security questionnaire responses. 100% confidence, save days, unblock deals.
Kulkan Security
Cybersecurity company specializing in penetration testing, ethical hacking, and security assessments; CREST-accredited with 17 employees, +14.3% YoY growth, founded 2011 in Houston, Texas; provides web, mobile, and network security testing services.
Strobes Security, Inc.
Cybersecurity company specializing in AI-driven Continuous Threat Exposure Management and penetration testing; 66 employees with 46% YoY growth; headquartered in Plano, Texas; founded 2019; $928.5K funding; active in vulnerability management, security automation, and penetration testing services; competes with RedSeal and OPSWAT.
Network Intelligence
Network Intelligence is a private cybersecurity firm specializing in AI-driven network security and penetration testing; based in Plano, Texas, with 403 employees, $7.2M annual revenue, and $4.8M in funding. The company offers advanced detection, response, data privacy, and AI security solutions, actively providing penetration testing services supported by technical frameworks and PCI DSS guidance. Founded in 2001, it competes globally within the cybersecurity market.
SpecterOps
Cybersecurity company specializing in adversary tradecraft, identity attack path management, and penetration testing; 196 employees with 87.5% YoY growth; founded 2017; headquartered in Alexandria, Virginia, USA; $108.5M in funding; known for BloodHound and active attack path management services.
Stratum Security: A Cyber Advisors Company
Cybersecurity-focused IT services and consulting company founded in 2005; based in Reston, Virginia, with 20 employees and $2.5M annual revenue. Specializes in penetration testing, application security, and cloud security, serving clients globally. Active in penetration testing engagements, as evidenced by recent projects and service offerings.
GuidePoint Security
IT services and consulting firm specializing in cybersecurity; 864 employees (+22.6% YoY growth), $300M revenue, founded 2011, headquartered in Reston, Virginia, USA; offers dedicated penetration testing and PTaaS services, emphasizing proactive security testing and risk mitigation.
UltraViolet Cyber
Cybersecurity firm headquartered in McLean, Virginia; provides penetration testing, red team, application security, and managed detection & response services; focuses on continuous security visibility and real-time threat response.
Ampcus Cyber
Cybersecurity company based in Chantilly, Virginia, specializing in penetration testing; CREST-listed for Red team assessments and web application penetration testing, demonstrating advanced offensive security capabilities.
Ultraviolet Cyber
Cybersecurity company based in McLean, Virginia; specializes in penetration testing, application security testing, cloud security testing, and Red Team engagements. Offers active testing across networks, applications, IoT, and social engineering, with a focus on identifying vulnerabilities and simulating attacks.
Casaba Security
Cybersecurity professional services firm specializing in penetration testing, cybersecurity testing, and governance for AI, cloud, and application security; 30 employees with 5.7% YoY growth, $29.6M revenue; based in Redmond, Washington, founded in 2002.
Redseclabs
Cybersecurity firm based in Wyoming, US, specializing in offensive security, penetration testing, and compliance services; CREST and QSA certified; serves fintech, banking, SaaS, and Web3 sectors; known for helping clients prevent breaches and pass security audits.
SEC Consult Group
IT services and consulting company specializing in application security, cybersecurity, and IT security management; 69 employees with -24.3% YoY growth, $45M revenue; founded 2002 in Vienna, Austria; offers penetration testing, security audits, ISO 27001 support, and cyber defense; recognized as a leading cybersecurity consultancy.
PwC Belgium
PwC Belgium is a private accounting and professional services firm headquartered in Diegem, Belgium, with 1,293 employees and a -5.2% YoY growth. The company offers audit, tax, consulting, legal, and HR services, and explicitly provides penetration testing, including Threat-Led Penetration Testing, Managed Penetration Testing, and AI Red Teaming, highlighting its capabilities in offensive security.
BDO
Private accounting firm headquartered in Brussels, Belgium, with 9,802 employees and $14B annual revenue; operates in 166 countries with 1800 offices; offers professional services including audit, advisory, tax, and security testing such as penetration testing; employs a workforce experiencing a 24.3% YoY decline; known for quality and technology-driven solutions.
AMATAS
Cybersecurity and investigations company specializing in penetration testing, incident response, and managed security services; 20 employees with 13.3% YoY growth; based in Sofia, Bulgaria; offers comprehensive cyber governance and offensive vulnerability scanning, with dedicated service pages and external accreditation confirming pentest expertise.
CyberOne
CyberOne is a Bulgaria-based private cybersecurity firm specializing in computer and network security; it offers penetration testing services including web application, external, and internal network tests, with two SOCs monitoring over 310 million threats daily. Founded in 2018, it has 6 employees and maintains a strong focus on cyber threat mitigation.
Protiviti Bulgaria
Protiviti Bulgaria is a cybersecurity consulting firm based in Sofia, Bulgaria, specializing in penetration testing services; it operates as a Bulgarian entity with headquarters in Sofia, as confirmed by local business profiles and registration data. The company offers cybersecurity solutions including pentest services.
qsecure
qsecure is a private cybersecurity firm specializing in computer and network security; founded in 2011 with 6 employees and 60% YoY growth, based in Strovolos, Nicosia, Cyprus. The company offers penetration testing, vulnerability assessment, red teaming, incident handling, and security awareness training, competing with firms like techberry infotech, nomino, and ewall solutions.
Qsecure
Cyprus-based cybersecurity firm specializing in enterprise-grade security solutions; offers penetration testing services across infrastructure, cloud, web applications, wireless networks, and social engineering, utilizing ethical hacking to simulate real attacks and improve security posture.
PwC
Global professional services firm based in Cyprus with 120,836 employees and $55.4B annual revenue; offers assurance, tax, advisory, and cybersecurity services including penetration testing and red teaming across multiple regions; competes with Deloitte and KPMG.
PwC
PwC is a private professional services firm with 120,836 employees and $55.4B annual revenue; based in Czechia with a Prague office at City Green Court, Hvězdova 1734/2c, Praha 4, confirming its formal Czech registration. The firm offers audit, assurance, tax, legal, deals, consulting, and cybersecurity services, including penetration testing validated by regional pages and CHECK certification, establishing its expertise in security testing.
ADO Security
Cybersecurity company specializing in awareness, defensive, and offensive security services; 14 employees; founded 2025; headquartered in Copenhagen, Denmark; offers penetration testing, vulnerability scanning, and cybersecurity awareness training.
KPMG
KPMG is a global professional services firm providing accounting, advisory, and consulting services with 47,522 employees and $36B revenue; based in Denmark with offices in Copenhagen and Hellerup, and a member of CREST with penetration testing capabilities.
CGI
IT Services and IT Consulting company with 59,616 employees, $10.8B revenue, and a $36.1B market cap; operates in Denmark through CGI Danmark A/S with multiple offices in Aarhus and Aalborg, and offers penetration testing services validated by NCSC and CREST.
PwC Denmark
Danish-based professional services firm headquartered in Hellerup, Denmark; offers consulting, audit, and advisory services including penetration testing and ethical hacking; registered in the Danish CVR with office at Strandvejen 44, 2900 Hellerup.
Netsolutions
Danish-based IT solutions provider specializing in cybersecurity services including penetration testing; headquartered in Denmark with 21 employees, offering 24/7 IT solutions and customer support.
SECNORA®
Cybersecurity and GRC consulting firm specializing in penetration testing; 22 employees with +15.4% YoY growth; registered in Estonia but headquartered in Grapevine, Texas, USA; founded 2018; CREST accredited; offers services in cybersecurity, network security, security training, and compliance.
Silverskin Information Security Oy
Cybersecurity company based in Helsinki, Finland, specializing in app security and continuous penetration testing; 20 employees (+18.2% YoY growth), $13.8M revenue, founded 2009. Focuses on secure-by-design advisory, security assessment, and embedding security into digital processes; operates in IT services and consulting industry.
Reversec
Cybersecurity consulting firm specializing in penetration testing and offensive security; NCSC-verified CHECK company; 148 employees; Helsinki, Finland; Founded over 30 years ago; Focused on helping organizations tackle complex cybersecurity threats through offensive-driven services and continuous research.
Bureau Veritas Group
Environmental services company specializing in sustainability, testing, inspection, and certification; 29,190 employees (+6.9% YoY growth); founded 1828; headquartered in France; offers penetration testing through dedicated cybersecurity services; active in markets like construction, oil & gas, and commodities.
VAADATA
IT services and consulting firm specializing in penetration testing and security audits; 10 employees, founded 2013, headquartered in Lyon, France; offers comprehensive cybersecurity testing including web, mobile, infrastructure, cloud, IoT, and social engineering.
Advertise on pentest.fyi
You could be here!
YesWeHack
Cybersecurity company specializing in bug bounty and vulnerability management; provides penetration testing services with dedicated solutions like Pentest Management and Continuous Pentesting; 331 employees (+60.7% YoY growth), $3.5M annual revenue, founded in 2015 in Paris, France; $79.3M total funding; recognized for CREST accreditation; operates globally with over 400 programs in 175+ countries.
Orange Cyberdefense SA
French cybersecurity firm based in Paris La Défense; provides penetration testing, red teaming, and threat-led security testing services, demonstrating a focus on active defense and attack simulation capabilities.
Systelium
France-based consulting firm specializing in AI and cybersecurity; offers penetration testing, audits, and compliance services; employs over 100 experts; headquartered in Paris, France.
Sopra Steria
Sopra Steria is a European consulting, digital services, and software development firm with 50,000 employees, headquartered in Paris, France. The company provides explicit penetration testing services, including internal/external testing and cloud pentests for AWS, demonstrating its active engagement in cybersecurity testing.
Check Point Software
Global cybersecurity provider with a registered French office in Courbevoie (SIREN 409865011); offers penetration testing services with CREST accreditation, including vulnerability assessments and simulated attack testing across networks and applications.
Nomios France
Cybersecurity firm based in Boulogne-Billancourt, France; provides penetration testing and security assessments; specializes in simulating real-world cyberattacks to identify vulnerabilities, adhering to PTES standards.
Coralium
Coralium is a private cybersecurity firm based in Paris, France, specializing in audits, testing, and training services with a focus on penetration testing, including internal pentests and simulated intrusion testing; 7 employees; Industry: Computer and Network Security; Founded in France; Active in cybersecurity audits, compliance, and training.
Claranet
Managed service provider offering network, hosting, and application services in France, UK, Germany, Netherlands, Portugal, Spain, Italy, and Brazil; headquartered in Paris, France. Provides cybersecurity solutions including CREST-approved penetration testing, with tailored attack simulations on networks, applications, and infrastructure.
Orange
Orange is a telecommunications and digital services provider headquartered in Issy-les-Moulineaux, France, with 38,184 employees and $43.6 billion in annual revenue. It has a EUR27.2 billion market cap and $6.5 billion in total funding, with recent acquisitions like MasOrange, S.L. Orange actively offers penetration testing services via its cybersecurity subsidiary, including Penetration Testing, Red Team Services, and Threat-Led Penetration Testing, emphasizing its capabilities in active security defense testing. The company is committed to social responsibility, digital equality, and building a safer digital world.
BeMSP
France-based private IT & Services company founded in 2014; 17 employees with +15% YoY growth; specializes in managed services and cybersecurity, including CREST-accredited penetration testing via vPenTest for active security assessments; active in community building for MSPs.
Atos
Atos is a France-based global IT services and consulting company with 39,394 employees and $9.5B annual revenue; operates in 61 countries under brands Atos and Eviden; European leader in cybersecurity, cloud, and high-performance computing; offers penetration testing services as part of its cybersecurity solutions, emphasizing active security testing and exploitation capabilities.
Aixagon
France-based cybersecurity firm specializing in penetration testing, phishing tests, and vulnerability scans; headquartered in Peypin, France, with official registration confirming its operations in France; offers offensive security assessments and pentest as a service.
Armada
France-based cybersecurity firm Armada - Exa offers managed infosec and cyberprotection services, including penetration testing, Red Teaming, Attack Surface Management, and Continuous Testing; holds CREST accreditation for penetration testing, demonstrating high technical standards and active security testing capabilities.
CyberOps Network
CyberOps Network is a private IT services and consulting company based in Berlin, Germany, founded in 2023 with 3 employees and 75% YoY growth. It specializes in penetration testing, web and network security, cloud & mobile security, red teaming, security audits, and social engineering, providing CREST-Approved expert cybersecurity services for businesses.
Blaze Information Security
Blaze Information Security is a private cybersecurity company specializing in offensive security and penetration testing; 43 employees with 21.3% YoY growth, $1M-$5M revenue, founded in 2016, headquartered in Germany, serving over 25 countries worldwide.
Cyco Cyber Competence Center Gmbh
Germany-based cybersecurity company offering 24/7 prevention, detection, incident response, and penetration testing services; registered at Amtsgericht Hannover (HRB 221945); specializes in infrastructure security, malware removal, and proactive attack simulation.
Netzexperten
German-based IT security company specializing in penetration testing services; headquarters located in Krefeld, Germany; website content in German and focused on cybersecurity solutions for German organizations.
Nomios Germany
Computer and network security company based in Dortmund, Germany; 25 employees with 13.8% YoY growth; specializes in penetration testing, vulnerability analysis, and security assessments, offering comprehensive cybersecurity solutions and an end-to-end SASE architecture portfolio.
MottaSec
Cybersecurity firm specializing in penetration testing, cybersecurity consulting, and bespoke security solutions; founded in 2022, with 2 employees and +150% YoY growth; based in Dafni, Greece, with expertise in ICS/OT pentesting, red/purple teaming, and ISO 27001.
Ukatemi Technologies
Cybersecurity company based in Budapest, Hungary, specializing in IT and OT security solutions; provides penetration testing services with a focus on vulnerability detection and security posture assessment; headquartered at 48 Soroksári út, Budapest.
Noventiq Hungary
Hungary-based IT solutions provider; headquarters in Budapest with main office at Fehérvári út 126-128, 1116 Budapest; offers penetration testing services including CREST-certified pentest capabilities, Vulnerability Assessment and Penetration Testing (VAPT), and web security testing.
Vertical Structure (Acquired by Instil)
Cybersecurity company specializing in security and penetration testing; founded in 2006, based in Belfast, Ireland, with 3 employees. Offers human-based penetration testing, security consulting, and training, including CREST & CHECK, ISO27001, and Cyber Essentials. Focuses on a human-centric approach to cybersecurity with a small team and niche market presence.
CommSec Cyber Security
Irish cybersecurity company providing penetration testing, security assessments, and SOC as a service; 15 employees, founded 2013, headquartered in Blanchardstown, Dublin, Ireland; focuses on resilience, compliance, and risk reduction for organizations.
WhatsExposed
IT Services and IT Consulting company specializing in cybersecurity; offers penetration testing, vulnerability assessments, and remediation workflows; founded 2022, 13 employees, Ireland-based, +137.5% YoY growth.
Secora Consulting Ltd
Cybersecurity company specializing in penetration testing and risk mitigation; CREST-accredited with 7 employees, founded in 2018, headquartered in Stranorlar, Ireland; offers comprehensive pentest services including web, API, network, mobile, cloud, and IoT assessments, with a global rank of #10,030,139 and 983 monthly website visits.
Integrity360
Integrity360 is a private Irish-based cybersecurity and IT consulting company with 237 employees, $146.8M revenue, founded in 2005. It is Ireland's largest cybersecurity specialist and offers comprehensive penetration testing services, including infrastructure, web app, API, mobile, Wi-Fi, IoT, cloud, AD, and segmentation testing, along with PTaaS. The firm operates across Europe, Africa, and the Caribbean, and has recently acquired Redshift Cyber Security and Holiseum. It ranks #779,785 globally and #165,814 in its country, with a focus on helping organizations grow securely.
It Governance Europe Ltd
Irish cybersecurity company specializing in penetration testing and IT governance; offers CREST-accredited pentest services and emphasizes risk management and compliance for organizations in Ireland and Europe.
SolutionLab
IT services and consulting company based in Lithuania; 32 employees with 9.5% YoY growth; founded in 2007; specializes in custom digital solutions and cybersecurity, including penetration testing, red-teaming, and attack simulation; primarily serves Scandinavian and Baltic markets; offers web development, cloud, and security services; 586 monthly website visits; competes with Penta Security Solutions, ProvenRun, and Tozny.
KPMG
KPMG is a global professional services firm specializing in audit, tax, and advisory services; it is based in Lithuania with offices in Vilnius and Klaipėda. The company provides penetration testing and security assessment services, including vulnerability scans and manual penetration testing, recognized by CREST membership.
Eurofins
Eurofins is a private biotechnology research company with 7,686 employees, $7.4B annual revenue, and EUR 8.8B market cap; headquartered in Luxembourg, Luxembourg. It operates a global network of over 1,000 independent companies and 900 laboratories across 62 countries, offering extensive testing services including food, environment, pharma, and CRO. Recently acquired SYNLAB España and provides penetration testing services via Eurofins Digital Testing, specializing in remote, local, web, API, and mobile assessments.
IMRIM
Cybersecurity firm based in Luxembourg; specializes in information security advisory and penetration testing services across web, app, network, and infrastructure; headquartered at 17, rue Edmond Reuter, Bâtiment Bouvreuil, L-5326 Contern, Luxembourg; actively recruits penetration testers.
CGI
Global IT and business consulting firm headquartered in Luxembourg; offers IT services, digital transformation, and cybersecurity including penetration testing, red team exercises, phishing simulations, and infrastructure assessments.
PwC
PwC is a private professional services firm with 120,836 employees and $55.4B annual revenue; based in Luxembourg at 2, rue Gerhard Mercator, L-2182 Luxembourg. It provides assurance, tax, advisory, and cybersecurity services, including penetration testing such as red teaming, web app, infrastructure, mobile, OT/ICS, and IoT testing, emphasizing active attack simulation capabilities.
SecAlliance
Cybersecurity company specializing in cyber threat intelligence and intelligence-led penetration testing; 35 employees, $7M revenue, founded 2007, headquartered in the Netherlands with addresses in The Hague and Groningen; active in threat analysis, security testing, and cybercrime investigations.
Fox IT
Netherlands-based cybersecurity firm specializing in penetration testing, red teaming, and attack simulation; offers in-depth vulnerability assessments and threat emulation services trusted by global corporations and governments.
APNT | Network Technology
Netherlands-based IT services and consulting firm founded in 2021 with 16 employees; specializes in network testing, monitoring, automation, and cybersecurity, including penetration testing via PTaaS and ethical hacking partnerships; active in HackerOne Bug Bounty programs; 1,536 monthly visits; global rank #8,159,584.
Bureau Veritas Cybersecurity
Netherlands-based IT services and consulting firm specializing in cybersecurity advisory, testing, and certification; offers active penetration testing services with multiple methods; 198 employees (+35.9% YoY growth), $12.3M revenue; operates in security audits, risk management, IoT certification, and digital security.
SAFE-Secura
Private cybersecurity firm based in Amsterdam, Netherlands, founded in 2000; specializes in penetration testing, vulnerability assessments, and red teaming with active testing across cloud, network, mobile, web, IoT, and infrastructure targets; certified CCV for pentesting; part of a 51-200 employee organization.
PwC Nederland
Netherlands-based professional services firm specializing in business consulting, audit, assurance, and cybersecurity; 2,890 employees; founded 1800; headquartered in Amsterdam. Provides penetration testing services including web application, internal infrastructure, active directory, and external infrastructure testing to identify security vulnerabilities.
TechMagic
Software development company specializing in end-to-end engineering services; provides penetration testing (pentest) services as confirmed by dedicated pages and CREST membership; 262 employees, founded 2014, Kraków, Poland, with 11+ years of market presence and 200+ successful projects.