Find a pentest company with DORA
26 companies have this certification
DORA (Digital Operational Resilience Act)
DORA is a regulatory framework created by the European Union that entered into force in January 2023, with full application required by January 2025. Developed by the European Commission, the European Parliament, and the Council of the European Union, DORA was established to strengthen the digital operational resilience of financial entities across the EU. The regulation emerged from growing concerns about cyber threats, ICT disruptions, and third-party dependencies that could destabilize the financial sector, particularly following increased digitalization and cloud adoption in financial services.
DORA is highly valued in the penetration testing and cybersecurity industry because it mandates comprehensive testing requirements for financial institutions, including advanced threat-led penetration testing (TLPT) for critical entities. Penetration testing companies reference DORA compliance as it creates significant demand for their services—financial organizations must conduct regular security testing, vulnerability assessments, and sophisticated red team exercises to meet regulatory obligations. For cybersecurity firms, demonstrating knowledge of DORA requirements and offering DORA-aligned testing services has become a competitive differentiator, as it shows they understand the specific regulatory landscape their financial sector clients must navigate and can deliver testing programs that meet these stringent EU standards.
Rhymetec
Rhymetec LLC is a cybersecurity firm specializing in penetration testing and offensive security services; 37 employees with 27.8% YoY growth; based in New York, NY, founded in 2015. The company offers web, mobile, and network penetration testing, including AI-powered solutions, and is actively expanding through partnerships and geographic growth.
UprootSecurity
UprootSecurity is a private cybersecurity firm specializing in penetration testing and vulnerability management via its PtaaS platform; 7 employees with 16.7% YoY growth, founded in 2024 in Wilmington, Delaware. The company focuses on reducing breach risk through compliance automation, combining technology and human expertise, and operates in categories including security, risk assessment, and attack surface management.
Prescient Security
Cybersecurity company specializing in penetration testing, compliance, and web application security; 196 employees (+52% YoY growth), $23.9M revenue, founded 2018 in Nashville, Tennessee, serving over 5,000 clients worldwide.
Trellix
Cybersecurity company specializing in threat detection and response; headquartered in Plano, Texas, with 6,000 employees; provides penetration testing services including manual assessments and automated testing via RidgeBot.
Redseclabs
Cybersecurity firm based in Wyoming, US, specializing in offensive security, penetration testing, and compliance services; CREST and QSA certified; serves fintech, banking, SaaS, and Web3 sectors; known for helping clients prevent breaches and pass security audits.
UNITAS
IT Services and IT Consulting firm specializing in information security, IT security, GRC/compliance, and IT auditing; offers penetration testing via pentest-as-a-service, vulnerability scanning, and exploitability assessments; 13 employees, founded 2019, headquartered in Aarhus, Denmark.
45 Cyber Labs
Cybersecurity firm specializing in penetration testing, DevOps validation, and cyber skillup; founded in 2024, based in Espoo, Finland, with 2 employees and +500% YoY growth, dedicated to improving cyber awareness and security readiness in the Nordic region.
Stop wasting time on security questionnaires
ResponseHub uses AI to automate your security questionnaire responses. 100% confidence, save days, unblock deals.
Patrowl.io
Patrowl.io is a France-based SaaS provider specializing in external security posture management; founded in 2020 and headquartered in Paris. The platform offers penetration testing services, including real exploit simulations, attack testing, and remediation, demonstrating its active security testing capabilities.
Hackcyom
Cybersecurity consulting and audit firm based in Paris, France; specializes in penetration testing ('tests d'intrusion') with a focus on cybersecurity assessments and audits.
Bonjourcyber
Cybersecurity company based in Paris, France, specializing in penetration testing and cybersecurity audits; explicitly states expertise in ethical hacking and defense testing, serving SMEs and ETIs in France.
Own.security
Cybersecurity firm headquartered in Paris, France, specializing in tailored security solutions and penetration testing services; offers Black Box and Gray Box testing using OWASP and OSSTMM methodologies across various targets.
Cs Group
Cybersecurity and consulting firm based in France; provides penetration testing (pentest) services as part of its operational cybersecurity offerings; headquartered at 22, avenue Galilée, Le Plessis Robinson, France.
Alphabit Cybersecurity
Cybersecurity company specializing in computer and network security services; offers penetration testing, risk assessment, and expert consulting with 10 employees, founded in 2008, based in Khalándrion, Greece. Known for providing expert cybersecurity services and active in compliance, digital forensics, and managed security services.
Makay Kiberbiztonsági Kft.
Cybersecurity company specializing in penetration testing, threat intelligence, and IT security services; founded in 2017 with 2 employees in Budapest, Hungary. Offers a wide range of security solutions including red teaming, ransomware protection, and data center management.
Advertise on pentest.fyi
You could be here!
Gerico Security Srl
Gerico Security Srl is a Milan-based cybersecurity consulting company specializing in penetration testing, risk management, and operational continuity; with 15 employees, 28.6% YoY growth, founded in 2019, and offering services including offensive security, cybersecurity audits, and compliance consulting (ISO27001, ISO22301, PCI-DSS).
EcomWall
IT services and consulting company specializing in fraud prevention and threat intelligence for e-commerce; offers penetration testing services with customized testing and vulnerability reports; based in Vilnius, Lithuania, founded in 2023, with 5 employees.
SAFFRON Sp. z o.o.
Poland-based IT services and consulting company specializing in cybersecurity, GRC-as-a-Service, and penetration testing; 6 employees with 28.6% YoY growth; founded 2015; headquartered in Gdańsk, Poland; offers security testing, risk management, compliance, and cybersecurity governance services.
Patronusec
Cybersecurity firm based in Poznań, Poland; provides penetration testing services including infrastructure, application, web app, and network assessments; headquartered at ul. Św. Marcin 29/8, 61-806 Poznań, Poland.
ChangePro
IT services and consulting company based in Poland; specializes in cybersecurity awareness, phishing, security, and penetration testing with detailed testing scopes and industry-standard practices; 3 employees; Founded 2018.
Cybertix Simulation Technologies
Cybersecurity company specializing in AI-driven automated solutions for SMEs; offers penetration testing, attack simulations, and OT security expertise; 14 employees, founded 2023, based in San Sebastián, Spain; $2.1M funding.
Hard Link Security S.L.
Cybersecurity consulting firm based in Spain; specializes in security measures deployment, compliance, forensic IT, and penetration testing for web, mobile, network, and cloud environments; 4 employees, founded 2023, headquartered in Albacete.
Sentor Managed Security Services
Cybersecurity company specializing in computer and network security; offers penetration testing services with dedicated external/internal pen-test offerings; based in Kungsholmen, Sweden; 45 employees; founded 1998; $10M revenue; experienced 21.1% YoY workforce decline; web traffic of 7,344 monthly visits; operates in categories including SIEM, network, application security, and social engineering.
Sentor cybersecurity
Sweden-based cybersecurity firm in Stockholm specializing in penetration testing, security testing, and red team assessments; offers offensive security services including simulated attacks and vulnerability assessments.
Cybercontrols.io
Cybercontrols.io is a UK-based infosec consultancy providing cybersecurity and compliance services, including penetration testing, internal audits, and endpoint security; founded in 2022, with 4 employees and +300% YoY growth, headquartered in Morpeth, UK.
Cybergen® Security
Cybergen® Security is a UK-based IT services and cybersecurity consulting firm founded in 2023, with a focus on penetration testing, red teaming, and threat mitigation. The company provides CREST-accredited penetration testing and 24/7 managed detection and response, emphasizing proactive security testing and vulnerability identification, despite having only 1 employee.
Cybertix
Cybertix is an India-based IT services and cybersecurity firm specializing in penetration testing, web application security, and risk management; founded in 2021, with 2 employees and 25% annual growth. It offers cybersecurity solutions including ethical hacking, red teaming, and training, serving clients worldwide. The company ranks #9,341,746 globally with 1,197 monthly website visits.