Find a pentest company with Cyber Essentials Plus
85 companies have this certification
Cyber Essentials Plus
Origin
Cyber Essentials Plus was created by the UK Government in 2014 in collaboration with the National Cyber Security Centre (NCSC), which is part of GCHQ. The scheme was developed in response to the growing threat of cyber attacks against UK businesses and organizations. It was designed to help organizations of all sizes implement basic cybersecurity controls to protect against the most common internet-based cyber threats, with the "Plus" variant including hands-on technical verification by qualified assessors.
Industry Value
Cyber Essentials Plus is highly valued because it provides verified assurance that an organization has implemented fundamental cybersecurity controls effectively. Unlike the standard Cyber Essentials self-assessment, the Plus certification requires external testing and vulnerability scanning, making it more rigorous and credible. It's increasingly required for UK government contracts involving sensitive information and is recognized by insurance providers, clients, and partners as evidence of a serious commitment to cybersecurity. The certification helps organizations demonstrate due diligence, reduce cyber risk, and differentiate themselves in competitive bidding situations.
Palo Alto Networks
Private cybersecurity company specializing in computer and network security; 13,033 employees (+11.2% YoY), $9.6B revenue, $105.1B market cap, headquartered in Santa Clara, CA; offers penetration testing via Unit 42, including attack simulations and vulnerability testing; competes with Fortinet, Forcepoint, Zscaler.
IOActive, Inc.
IOActive, Inc. is a private cybersecurity company founded in 1998, with 83 employees and $25M annual revenue. Based in Atlanta, Georgia, they offer full stack security assessments, penetration testing, red team services, and industrial security solutions across industries including critical infrastructure, healthcare, and finance. The firm is known for active attack simulations, vulnerability research, and recent recognition at cybersecurity awards, serving as a trusted advisor in hardware, cloud, IoT, and automotive security.
NetSPI
Cybersecurity company specializing in penetration testing and proactive security solutions; 449 employees, $125M revenue, $500M funding; headquartered in Minneapolis, Minnesota; founded 2001; offers application, cloud, blockchain, and network pentesting, with active PTaaS platforms for web and network security.
Silverfort
Silverfort is a privately owned cybersecurity firm headquartered in Plano, Texas, United States. It specializes in identity security and visibility intelligence, serving over 1,000 organizations worldwide. The company provides comprehensive identity protection across human, machine, AI, cloud, and on-premises environments, with services including annual penetration testing and security risk assessments.
IOActive, Inc.
Cybersecurity company specializing in penetration testing and full-stack security assessments; 83 employees, $25M revenue, founded 1998, headquartered in Seattle, WA; serves critical infrastructure, energy, finance, healthcare, and more; recognized for research-driven security services and red team operations.
Convergint
Global service-based systems integrator with Danish subsidiary Convergint Denmark ApS (CVR DK43510649) based in Copenhagen; provides security and technology integration services, including penetration testing (red team and pentest) as evidenced by a 2022 contract.
Cyber Security Finland
Cyber Security Finland is a private cybersecurity company specializing in network and data security, with a focus on penetration testing, vulnerability assessments, incident response, and security consulting; 4 employees, founded 2021, based in Helsinki, Finland. The company explicitly offers penetration testing services, including vulnerability assessments and advanced testing, demonstrating strong technical security expertise.
Stop wasting time on security questionnaires
ResponseHub uses AI to automate your security questionnaire responses. 100% confidence, save days, unblock deals.
Orange
Orange is a telecommunications and digital services provider headquartered in Issy-les-Moulineaux, France, with 38,184 employees and $43.6 billion in annual revenue. It has a EUR27.2 billion market cap and $6.5 billion in total funding, with recent acquisitions like MasOrange, S.L. Orange actively offers penetration testing services via its cybersecurity subsidiary, including Penetration Testing, Red Team Services, and Threat-Led Penetration Testing, emphasizing its capabilities in active security defense testing. The company is committed to social responsibility, digital equality, and building a safer digital world.
Ergo
IT services and consulting company based in Dublin, Ireland; 420 employees, $214.4M revenue; offers IT solutions, managed services, cloud, security, and penetration testing; founded 1993; recognized as a leading provider in Ireland.
SecAlliance
Cybersecurity company specializing in cyber threat intelligence and intelligence-led penetration testing; 35 employees, $7M revenue, founded 2007, headquartered in the Netherlands with addresses in The Hague and Groningen; active in threat analysis, security testing, and cybercrime investigations.
InfoProtector Sp. Z O. O.
Cybersecurity company based in Kraków, Poland; specializes in penetration testing, IT audits, and security training; offers professional pentest services confirmed by service page listings and location data.
Omnicyber Security
Cybersecurity firm specializing in penetration testing, managed security, and compliance; based in Canada with a Canada office and local contact; emphasizes expertise in pentest services for diverse sectors.
Pentest People
UK-based security consultancy specializing in Penetration Testing as a Service (PTaaS); 76 employees with 20.2% YoY growth; offers web application and network penetration testing, simulating attacks to identify vulnerabilities; active in cybersecurity market with recent focus on security testing and cyber risk analysis.
SecQuest - a NCSC Assured Service Provider
UK-based cybersecurity consultancy specializing in penetration testing and security assessments; offers CHECK & CREST services with a team of 9 employees; founded in 2012; provides network, application, and infrastructure security testing, with 7,422 monthly website visits and a global rank of 2,835,237.
Advertise on pentest.fyi
You could be here!
Pentest Limited
Cybersecurity company specializing in penetration testing, red teaming, and consultancy services; 21 employees, $9.7M annual revenue, founded 2001 in Altrincham, UK; offers tailored testing, compliance, workshops, and research activities, with a global web rank of #3,838,798 and 4,379 monthly visits.
Pentiq
Cybersecurity company specializing in penetration testing and vulnerability assessments; based in London, UK, with 7 employees, founded in 2016. Offers ethical hacking, social engineering, security training, and compliance services, with active social media presence and a focus on secure testing environments.
Salus Cyber
Cybersecurity company based in the United Kingdom; specializes in penetration testing, incident response, data protection, and security strategy; 25 employees with 9.4% YoY growth; founded in 2017; offers comprehensive security services including ethical penetration testing and compliance testing.
CODA Security
Cybersecurity consultancy specializing in computer and network security; founded 2017, 4 employees, based in Leamington Spa, UK. Offers penetration testing, risk management, vulnerability assessment, and bespoke cybersecurity services; emphasizes high-quality, client-focused solutions and invests heavily in personnel.
Secarma Ltd
Cybersecurity company specializing in penetration testing services; based in Manchester, UK, with headquarters at 3 Archway, Birley Fields, Manchester, M15 5QJ; UK registered company number 04217114; explicitly offers penetration testing and cybersecurity assessments.
CODA Security Limited
UK-based cybersecurity consultancy specializing in bespoke services; offers penetration testing, vulnerability assessments, and risk management with experienced principal-led teams. Headquartered in Leamington Spa, Warwickshire.
Cyber Defence Ltd
Cyber Defence Ltd is a UK-based cybersecurity firm specializing in modern security operations, threat intelligence, and penetration testing; offers goal-driven pentest services across diverse environments, supported by CREST accreditation, and operates primarily in the UK and Europe.
Cyberlab
CyberLab is a UK-based cybersecurity firm specializing in penetration testing services; it explicitly offers penetration testing as a core service and is headquartered at Bridgford House, Heyes Lane, Alderley Edge, SK9 7JP.
Toro Solutions
UK-based security and investigations company founded in 2015, with 13 employees and a focus on cyber, physical, and personnel security. Known for creating the UK's first Red Team penetration test, it provides active penetration testing, cyber attack simulation, and security consultancy services, serving government and business clients globally.
3ct Security
UK-based cybersecurity firm specializing in penetration testing services; headquartered in Malvern, Worcestershire, with verified operations in the UK. Provides security assessments including vulnerability management and maturity evaluations.
Equilibrium Security
UK-based private cybersecurity firm founded in 2012; specializes in penetration testing, cyber essentials, cyber awareness, and phishing simulations; 2 employees with -73.3% YoY growth; 3,019 monthly visits; competes with Marco Technologies, Convergence Networks, and Trustwave.
Bulletproof (Cyber Security)
UK-based private cybersecurity firm with 96 employees (+0.8% YoY growth), $3.0M annual revenue; specializes in penetration testing, data protection, and compliance services; registered at 20 Grosvenor Place, London, and based in Stevenage, Hertfordshire; ranks #1,574,985 globally and #154,108 in the UK; active in cybersecurity & compliance categories including ISO 27001, SOC 2, GDPR, and red team assessments.
Wolf Network Security Ltd
UK-based cybersecurity company specializing in penetration testing; offers testing of web applications and infrastructure using automated and manual exploitation tools; registered in England and Wales with company number 10635866, located at 47 Lloyd Street, Manchester.
Secure360.io
UK-based cybersecurity provider in Inverurie, Scotland; offers enterprise-grade managed security services for SMBs with 24/7 protection and monthly penetration testing, emphasizing proactive threat mitigation.
𝐍𝐞𝐭𝐟𝐨𝐫𝐭𝐞 𝐂𝐨𝐧𝐬𝐮𝐥𝐭𝐢𝐧𝐠 𝐋𝐭𝐝
Cybersecurity solutions company specializing in advanced penetration testing services; based in London, UK, founded in 2023, with 2 employees and 100% YoY growth. Focuses on safeguarding digital assets and fortifying defenses against cyber threats.
Stop wasting time on security questionnaires
ResponseHub uses AI to automate your security questionnaire responses. 100% confidence, save days, unblock deals.
Talion Cyber Security
Cybersecurity company specializing in hybrid cybersecurity services and penetration testing; 94 employees with 3.3% YoY growth; founded in 2020; based in Camberley, UK. Known for providing defense-grade cybersecurity solutions and explicit penetration testing services, with a focus on identifying vulnerabilities through simulated attacks.
NCC Group
UK-based IT services and cybersecurity consulting company; specializes in penetration testing, security assessments, and managed security services with 1,161 employees and $412.5M annual revenue. Operates globally with a focus on cyber resilience, responsible business, and sustainability; founded in 1999, market cap GBP 506.6M.
DigitalXRAID
Cybersecurity company specializing in penetration testing and security services; provides CREST-accredited web and internal penetration testing with active attack simulation capabilities; based in the United Kingdom with 39 employees and $8.6M annual revenue.
Closed Door Security
UK-based private cybersecurity company specializing in penetration testing, security assessments, engineering, and certification; CREST-accredited, partner of SBRC & Police Scotland, with 4 employees and 33.3% YoY growth; actively promotes penetration testing services through dedicated pages and certifications.
Fidus Information Security
Fidus Information Security is a UK-based private cybersecurity company specializing in penetration testing and network security solutions; 4 employees, $5M revenue, founded 2017 in Cambridge, UK. They offer advanced pentest services, network and IoT security, and serve diverse sectors including public, legal, and healthcare.
Paul Reynolds Cyber Security
Cybersecurity firm based in Solihull, UK, with additional operations in Dubai, UAE; provides penetration testing (pentest) services including PTaaS and certified testing teams, emphasizing offensive security expertise.
Brigantia by Elovade
UK-based IT services and cybersecurity consulting company with 30 employees, founded in 1996; specializes in cybersecurity solutions, including penetration testing via Rootshell, and supports channel partners with recurring revenue growth; part of the Elovade Group, with a focus on security assessments, red team engagements, and managed services.
CyPro
CyPro is a UK-based private cybersecurity firm specializing in computer and network security, with 15 employees and 16.7% YoY growth since 2022. It explicitly offers penetration testing services that simulate attacks to uncover vulnerabilities, supporting high-growth companies in scaling their security capabilities and gaining client trust.
Ascentor Ltd
Cybersecurity company specializing in cyber risk management, technical assurance, and penetration testing; 14 employees, $26.9M revenue, founded 2004 in West Malling, UK; offers CREST-certified pentest services, Cyber Essentials, and management consultancy, with a global ranking of #7,420,700 and UK rank #665,425.
Foresight Cyber
UK-based cybersecurity company specializing in penetration testing; offers dedicated pentest services as part of its cybersecurity assessments, with a registered London office at 71-75 Shelton Street, London WC2H 9JQ.
Acora - IT, Cyber & AI
UK-based IT services and consulting company with 337 employees and $63.5M revenue; specializes in secure digital transformation and offers explicit penetration testing, red-teaming, and attack simulation services; operates in IT infrastructure, security, and cloud solutions.
Kocho
UK-based cybersecurity firm specializing in Microsoft identity, security, and cloud solutions; offers penetration testing services and security consulting; registered in England and Wales (company number 04308824), with a London office.
Cyber Sense
Cyber Sense is a UK-based private cybersecurity firm specializing in penetration testing services, including internal, web application, and API assessments, with CREST registered testers and proactive threat intelligence; 2 employees, +25% YoY growth, founded in 2020, headquartered in London, UK.
Exponential-e
UK-based IT services and consulting company providing secure cloud, connectivity, cyber, and voice solutions; 492 employees, $255.7M revenue, founded 2002, headquartered in London. Offers penetration testing, red team testing, and website security testing, with a focus on active cybersecurity testing and exploitation simulation.
Reliance Cyber
Reliance Cyber is a UK-based IT services and cybersecurity consulting company with 48 employees and $5M-$25M annual revenue; specializes in penetration testing, threat intelligence, incident response, and managed security services, with a focus on safeguarding organizations in the digital landscape.
Closed Door Security
UK-based cybersecurity firm specializing in penetration testing and security assessments; registered in the UK (SC585645), headquartered in Stornoway, UK; offers professional pentest services as highlighted on their website and supported by external sources.
Attack Vector Ltd
UK-based cybersecurity firm specializing in penetration testing; offers infrastructure, web app, cloud, social engineering, and mobile testing; registered in London with Company No. 14996130.
NeedSec Limited
UK-based cybersecurity company specializing in penetration testing; headquartered in London, with a registered office at 86-90 Paul Street, London, England. Provides security testing services to identify system vulnerabilities.
Pentest Limited
UK-based cybersecurity company founded in 2019; registered at 22 Great James Street, London, with company number 11925182; provides manual penetration testing, red teaming, and security consultancy services.
Techforce
UK-based cybersecurity firm headquartered in Aberdeen and Edinburgh; offers penetration testing, cyber maturity assessments, Cyber Essentials certification, virtual CISO, vulnerability management, and managed security services; specializes in protecting businesses from cyber threats with expert consulting and testing solutions.
4N6
IT services and consulting company specializing in cybersecurity, troubleshooting, diagnostics, post-incident reviews, and digital forensics; offers full penetration testing services including active exploitation, vulnerability analysis, and remediation; based in London, UK with 1 employee, 1,122 monthly website visits, and ranked #11,322,919 globally.
Securious - Data and Cyber Security
Cybersecurity compliance and pentesting company based in Exeter, UK; 11 employees with 18.2% YoY growth; founded in 2007; provides PCI DSS, ISO 27001, Cyber Essentials, and penetration testing services to UK and international clients.
Cybergen® Security
Cybergen® Security is a UK-based IT services and cybersecurity consulting firm founded in 2023, with a focus on penetration testing, red teaming, and threat mitigation. The company provides CREST-accredited penetration testing and 24/7 managed detection and response, emphasizing proactive security testing and vulnerability identification, despite having only 1 employee.
Protection Group International
Protection Group International is a UK-based security and investigations firm specializing in digital resilience, security consulting, and cyber security services; with 77 employees (+10.6% YoY growth), $15M annual revenue, founded in 2013 in London. PGI provides CREST-aligned penetration testing services, demonstrating formal technical standards, and serves a global client base including governments and NGOs. The company operates in multiple languages and maintains active social media engagement.
Arcanum Information Security
Cybersecurity company specializing in penetration testing and security training; 2 employees with 100% YoY growth; based in Llanegwad Ed, UK; offers external and web application pentest services, training, and media; 15,303 monthly visits, global rank #1,648,340.
GoDefend (Cyber Security)
Cybersecurity company based in the United Kingdom; specializes in data security software, penetration testing, breach detection, and compliance solutions; 5 employees, founded 2018, $3.3M funding, recent £250K investment to grow threat detection tech; competes with qingteng cloud security and sonet.io.
CYFOR Secure | Cyber Security
Cybersecurity company based in Manchester, UK, with $4.1M annual revenue; specializes in penetration testing, digital forensics, incident response, vulnerability assessments, dark web monitoring, and cybersecurity audits; founded in 2002.
tmc3
IT services and cybersecurity company based in the United Kingdom; 20 employees with 27.3% YoY growth; founded in 2021; specializes in penetration testing, data protection, security assurance, and secure development lifecycle for government, critical infrastructure, and healthcare sectors.
Methods
UK-based private IT & Services company specializing in digital transformation and cybersecurity; 313 employees, $148.4M revenue, founded 1990, headquartered in London, UK; provides penetration testing services with active engagements and case studies demonstrating expertise.
Acutest
UK-based software testing and quality assurance consultancy; offers penetration testing services; registered in York, England, with additional UK addresses; specializes in testing software, business processes, and IT to improve digital transformation projects.
Predatech
UK-based IT services and cybersecurity consultancy specializing in penetration testing, vulnerability management, and security certifications; 8 employees with 28.6% YoY growth since 2020; offers CREST-accredited pentest services and helps organizations enhance cyber defenses.
Advertise on pentest.fyi
You could be here!
CyberOne
CyberOne (Comtact Ltd.) is a UK-based private cybersecurity firm specializing in proactive security testing, including CREST-accredited penetration testing; 51 employees with +23.4% YoY growth; $12M annual revenue; founded in 2005; offers integrated security solutions such as identity management, email, internet, and network security; recognized as one of 100 global Microsoft partners.
Cybertec.group
UK-based cybersecurity firm specializing in penetration testing; offers CREST-qualified assessments for corporate and government clients, emphasizing integrity and professionalism; over 140 years of experience.
Citation Cyber
Citation Cyber is a UK-based IT services and cybersecurity consulting company with 23 employees and GBP 1.0M annual revenue; founded in 2012 and headquartered in Lancaster, UK. The firm specializes in certified penetration testing, including web, cloud, mobile, and physical assessments, to safeguard systems and data. It competes with Novicom, QSEAP, and Assured, and actively engages in cybersecurity news and awareness campaigns.
Secure Nexus
Secure Nexus is a private UK-based technology and cybersecurity firm founded in 2023, with 2 employees. Specializing in advanced network design, penetration testing, and security solutions, it aims to build a secure digital nexus for clients. Headquartered in Stirling, Scotland, the company focuses on safeguarding digital assets and optimizing connectivity.
Ethernal
Cybersecurity company specializing in network security, penetration testing, and cyber resilience; founded 2015, 2 employees, based in Highbridge, UK, with 100% monthly growth and services including security health checks, endpoint protection, and compliance.
TIEVA
UK-based IT services and consulting company specializing in transformative business IT solutions, multi-cloud strategies, and cybersecurity, including penetration testing services; 135 employees (+0.6% YoY growth); founded 2007; headquartered in Leeds, UK.
Astrix
Astrix is a UK-based private cybersecurity firm founded in 1997, with 6 employees and a -16.7% YoY growth. It specializes in computer and network security, explicitly providing penetration testing services as part of its cybersecurity assessments, utilizing questionnaires, automated tools, interviews, and pentests. The company has a modest web presence with 1,208 monthly visits and a global rank of approximately 9.94 million.
Forensic Control
Cybersecurity consultancy based in London, UK; specializes in penetration testing, security assessments, and vulnerability scans; headquartered at 15 Belgrave Square, London, SW1X 8PS; offers tailored cybersecurity solutions to assess, prevent, and respond to cyber threats.
IOActive, Inc.
IOActive, Inc. is a private computer and network security firm founded in 1998, with 83 employees and $25M annual revenue; they have a UK-registered branch, IOACTIVE EUROPE LIMITED, based in London. The company offers full-stack security assessments, secure development lifecycle, advisory, and training services, serving industries such as critical infrastructure, healthcare, and finance. They explicitly market penetration testing and red team services, and have been recognized with cybersecurity awards; recent activities include security research and vulnerability disclosures.
iSoft
UK-based cybersecurity firm specializing in penetration testing and ethical hacking; headquartered in Stockport, Cheshire, UK, with a presence in Manchester. Focuses on identifying vulnerabilities and safeguarding data against advanced cyber threats.
A&o It Group
Cybersecurity firm specializing in penetration testing; offers CREST-accredited pentest services across web, mobile, API, network, and physical security; UK-based with headquarters in Bracknell, Berkshire, serving clients worldwide.
Akita
UK-based IT company specializing in managed IT services and cybersecurity; offers CREST-accredited penetration testing services with headquarters in Sevenoaks, Kent, and Wrotham, Kent.
Data Connect Group
UK-based cybersecurity firm specializing in penetration testing; offers CREST-accredited services with a dedicated testing page and detailed FAQs; headquartered in Harrogate, West Yorkshire, with registered office in West Yorkshire.
Goaco
UK-based cybersecurity consultancy specializing in penetration testing; offers internal/external pentest services and delivers secure, innovative cybersecurity solutions. Registered in the UK with offices in Ebbsfleet/Northfleet and Scotland; recognized for its trusted expertise in cyber security testing.
Sytech
UK cybersecurity consulting firm specializing in penetration testing; provides controlled, accredited cyber attack simulations for public and private sector clients across the UK, including police forces and government agencies.
Css Assure
UK-based cybersecurity firm specializing in security & compliance, including penetration testing, data protection, and certification programs; registered at No.1 Colmore Square, Birmingham, UK, as Cyber Security Strategies Ltd (Company No. 11070817). Offers technical services such as vulnerability scanning and penetration testing, with dedicated pages and blog content highlighting their expertise.
Cyber Tzar
Cyber Tzar Limited is a UK-based cybersecurity firm specializing in enterprise supply chain risk management; offers penetration testing services including Pen Test as a Service and Automated Penetration Testing, with headquarters in London, UK.
Spritzmonkey
Cybersecurity consultancy based in the United Kingdom; specializes in CREST-certified penetration testing and vulnerability scanning services, actively marketing these capabilities and participating in industry events as a recognized provider.
INTEX IT
IT services and consulting company specializing in information security; provides penetration testing, security audits, data protection, PCI compliance, and security awareness training; based in Chatham, UK, founded 2002, with 2 employees; focuses on security consultancy and compliance services.
D2NA
IT services and consulting firm specializing in cybersecurity; offers penetration testing, cyber security solutions, and expert advice; based in Stoke-on-Trent, UK, with 24 employees and over 20 years of experience.
Arculus Cyber Security
Cybersecurity and compliance firm based in London, UK; provides penetration testing, security architecture, compliance, and risk management services; 6 employees with 52.9% YoY decline; specializes in cyber essentials, SOC 2, and cyber readiness assessments; Bridewell company.
Nihon Cyber Defence Co., Ltd.
Cybersecurity company specializing in threat intelligence, incident response, and penetration testing; 28 employees with +27.3% YoY growth; founded 2017; based in Chiyoda, Tokyo, Japan; provides advanced cyber resilience services to critical infrastructure, government, and global organizations.
NEC
Japanese multinational IT corporation headquartered in Tokyo, Japan; provides cybersecurity services including penetration testing to evaluate system vulnerabilities; known for innovation in digital technology and security solutions.
Scc Vietnam
Vietnam-based cybersecurity firm established in 2016 with local operations in Ho Chi Minh City; offers penetration testing services including CREST-accredited assessments by CHECK-certified ethical hackers, covering cloud, web apps, and infrastructure with external and internal testing.
Astria Corporation Philippines
Digital forensics and cybersecurity company based in Pasig City, Philippines; provides penetration testing, vulnerability management, and red team/blue team exercises; verified headquarters in Pasig, Philippines, with a focus on digital investigations and security testing.