Find a pentest company with HITRUST
91 companies have this certification
HITRUST Cybersecurity Certification
Origin
HITRUST (Health Information Trust Alliance) was founded in 2007 by a collaboration of healthcare, technology, and information security leaders. The organization created the HITRUST Common Security Framework (CSF) to address the fragmented landscape of security and privacy regulations facing the healthcare industry. Recognizing that healthcare organizations were struggling to comply with multiple frameworks like HIPAA, PCI-DSS, and ISO standards simultaneously, HITRUST developed a unified, certifiable framework that harmonizes these various requirements into a single comprehensive standard.
Industry Value and Importance
The HITRUST CSF certification has become the gold standard for demonstrating security and compliance in healthcare and beyond, now extending to financial services, retail, and other regulated industries. Organizations value HITRUST certification because it provides a standardized, risk-based approach that satisfies multiple regulatory requirements at once, reducing audit fatigue and compliance costs. The certification is particularly trusted by business partners and customers as third-party validation of an organization's security controls, often becoming a prerequisite for vendor relationships and contracts. Its prescriptive control requirements and rigorous assessment process make it more comprehensive than self-attestation models, giving stakeholders greater confidence in an organization's security posture.
Rhymetec
Rhymetec LLC is a cybersecurity firm specializing in penetration testing and offensive security services; 37 employees with 27.8% YoY growth; based in New York, NY, founded in 2015. The company offers web, mobile, and network penetration testing, including AI-powered solutions, and is actively expanding through partnerships and geographic growth.
MegaplanIT
MegaplanIT is a private cybersecurity firm specializing in penetration testing, compliance, and managed security services; 32 employees, $682.5K annual revenue, founded in 2009, headquartered in Scottsdale, AZ. The company is a recognized leader in cybersecurity testing, offering services such as PCI DSS, HIPAA, SOC audits, social engineering, and cloud security, with a global rank of #10,160,412 and 990 monthly website visits.
Kudelski Security
Cybersecurity company based in Phoenix, Arizona, providing penetration testing and threat exposure management services; explicitly lists penetration testing as part of its offerings, with a focus on proactive security testing and vulnerability identification.
Reactforce
Reactforce is a cybersecurity consulting firm based in Scottsdale, Arizona, with over 25 years of experience in technology risk management, cybersecurity, and business resilience. The company provides penetration testing services for applications, networks, and mobile apps, emphasizing proactive security assessments and vulnerability mitigation.
DeepStrike
DeepStrike is a private cybersecurity firm specializing in penetration testing and attack surface management; founded in 2016, with 7 employees based in San Francisco, California, USA. Recognized as a leader in its field, it serves global enterprises including Fortune 500 companies and unicorn startups, with a monthly web traffic of 165,347 visits and a global rank of #285,050.
Truvantis, Inc.
Cybersecurity consulting firm specializing in security and privacy testing, program implementation, compliance assessments, and outsourcing; provides penetration testing services including network and small-business pentests with an offensive security focus; based in San Francisco, California, with 8 employees and $2.2M annual revenue.
Tevora
Business consulting firm specializing in cybersecurity, risk, and compliance; provides penetration testing, network, and internal security assessments; 136 employees, $37.9M revenue, founded 2003, Irvine, CA, USA.
Stop wasting time on security questionnaires
ResponseHub uses AI to automate your security questionnaire responses. 100% confidence, save days, unblock deals.
Greenlight Cyber
Cybersecurity company specializing in comprehensive security solutions and active penetration testing; based in Irvine, California, with 11 employees, $5.7M revenue, and +28.6% YoY growth. Offers services including internal and external network penetration tests, supporting SMBs in digital security.
DevilDog Cybersecurity
Cybersecurity company specializing in turnkey security solutions, vulnerability assessments, pen testing, managed services, compliance audits, and cloud security; 5 employees, founded 2018, based in Denver, Colorado, United States.
SpyderSec
Cybersecurity company specializing in computer and network security; provides penetration testing services and related cybersecurity solutions. Founded in 2015, headquartered in Denver, Colorado, with 1 employee and 452 monthly website visits.
Optiv
Cybersecurity consulting firm based in Denver, Colorado; provides penetration testing, vulnerability assessments, and cyber risk management services. Offers manual and automated pentest solutions, including white/grey/black box testing, with ongoing vulnerability exposure programs.
Linford & Company LLP
Independent external IT auditors specializing in SOC audits, assurance services, and penetration testing; headquartered in Denver, Colorado, with a focus on cybersecurity assessments and compliance.
SUND TECHNOLOGIES
IT services and consulting firm specializing in cybersecurity, penetration testing, vulnerability assessments, and incident response; 5 employees with 12.5% YoY growth; based in Avon, Connecticut, founded in 2000.
Insight Assurance
Cybersecurity and compliance firm specializing in security audits, penetration testing, and regulatory certifications; 116 employees (+67.7% YoY growth); founded 2020; Tampa, FL; serves over 1,500 clients; offers SOC, PCI DSS, ISO, HITRUST, CSA STAR, NIST, HIPAA assessments.
Advertise on pentest.fyi
You could be here!
Catalisto
Cybersecurity and IT services company specializing in penetration testing; provides external and internal pentest services to critical infrastructure and corporate clients; 9 employees; Founded 2018; Fort Lauderdale, FL.
Audit Liaison
Cybersecurity firm based in Tampa, Florida; specializes in security audits, compliance, and penetration testing services; offers solutions for SOC 2, ISO 27001/22301, PCI DSS, HIPAA/HITRUST, GDPR/CCPA, and FISMA compliance; provides active security testing including penetration testing; founded with extensive industry experience.
Privaxi
Privaxi is a cybersecurity firm headquartered in Miami, Florida, providing penetration testing and risk validation services. The company explicitly offers active pentest services across various platforms and technologies, emphasizing vulnerability identification through controlled, simulated attacks.
GLESEC
Cybersecurity company specializing in computer and network security; provides active penetration testing services including Penetration Testing as a Service (PTaaS) and external pentests; based in Orlando, Florida with $26.6M annual revenue and 3 employees, founded in 2013.
A-LIGN
Cybersecurity and compliance provider based in Tampa, Florida; 572 employees, $92.2M annual revenue, $54.5M funding; specializes in cybersecurity compliance, penetration testing, and cyber risk management; offers active penetration testing and red team services, with a focus on high-quality, efficient programs.
Atlantic.Net Inc.
Private IT & services company founded in 1994; based in Orlando, Florida, with 39 employees and $12M revenue; offers hosting, cloud, and penetration testing services; global rank #167,082, country rank #91,357; 223,621 monthly visits; 3.1/5 employer rating.
Elevate
Business consulting and staffing firm specializing in cybersecurity, IT compliance, and audit services; based in Florida with 13 employees, $5.3M revenue, founded in 2008. Offers penetration testing services across frameworks like CMMC, ISO 27001, SOC 2, and more, with a focus on attack simulations and certification support.
Schellman
IT compliance and cybersecurity attestation provider; based in Tampa, Florida; specializes in FedRAMP assessments and offers extensive penetration testing services across multiple disciplines, including application, network, mobile, red teaming, social engineering, cloud, physical, hardware/IoT, and AI red team testing.
Input Output, LLC
Private IT & cybersecurity firm based in West Palm Beach, Florida, founded in 2018; 3 employees; $9.4M revenue; specializes in penetration testing, cybersecurity compliance, and risk management; offers services including ethical hacking, penetration testing, and security standards adherence; focused on helping businesses navigate regulations and cyber threats.
Xentaurs LLC
Managed IT services provider headquartered in Miami, Florida; offers security, cloud, network, and collaboration solutions; provides penetration testing, vulnerability assessments, and red-team exercises to enhance cybersecurity posture.
Aegis IT Solutions
Cybersecurity and managed IT services provider based in Fort Lauderdale, Florida; offers penetration testing and red team exercises to simulate active cyberattacks and assess security resilience.
360 Advanced
Cybersecurity and compliance firm headquartered in St. Petersburg, Florida; specializes in penetration testing services including API Testing, Red Teaming, Web Application Testing, and Social Engineering to identify vulnerabilities and improve security.
risk3sixty
risk3sixty is a private business consulting and services firm specializing in security, privacy, and compliance programs; offers penetration testing services as confirmed by its dedicated webpage; headquartered in Atlanta, Georgia, with 45 employees and a -13.3% YoY growth rate.
TrustNet
Cybersecurity company specializing in penetration testing, compliance, and security advisory; offers active penetration testing services as confirmed by dedicated service pages and resources; based in Atlanta, Georgia, with 22 employees, founded in 2003.
Meditology Services
Healthcare cybersecurity and risk management consulting firm based in Atlanta, Georgia; 37 employees, $21M revenue; specializes in penetration testing, ethical hacking, and compliance for healthcare organizations; ranked #4,007,999 globally and #112,4502 in the US; recently acquired CORL Technologies and launched AI SafeGuard™ penetration testing service.
Stop wasting time on security questionnaires
ResponseHub uses AI to automate your security questionnaire responses. 100% confidence, save days, unblock deals.
Trava Security
Cybersecurity and IT consulting company specializing in compliance, cybersecurity advisory, and penetration testing; 14 employees, $1.2M annual revenue, founded 2020 in Indianapolis, Indiana; $15M total funding, with recent partnerships and market activity; provides dedicated pentest services as a core offering.
Lightedge
IT services and consulting company specializing in cloud, colocation, and managed services; offers penetration testing services including network, application, and social engineering testing; 261 employees, $85M revenue, headquartered in Des Moines, Iowa, with $5M funding.
BlueSteel Cybersecurity
Maryland-based cybersecurity firm specializing in penetration testing services; offers network, application, and SaaS pentests; develops humanized compliance programs for Healthcare, Finance, Education, and Defense sectors; headquartered in Baltimore, MD.
GraVoc
IT and services company specializing in software development, cybersecurity, and penetration testing; offers internal/external pentest, Active Directory security assessment, and adversary simulation; 55 employees, $12.2M revenue, founded 1994, Peabody, MA.
TECH LOCK Inc.
Cybersecurity company specializing in managed threat detection, penetration testing, and compliance solutions; $11.6M annual revenue, 3 employees, founded 2008 in Troy, Michigan, with expertise in HIPAA/HITRUST, PCI, and CMMC standards. Recognized for MDR services with a focus on security and compliance outcomes.
Arrakis Consulting
Cybersecurity company specializing in compliance, audit, penetration testing, and information security; 2 employees with over 10 years of experience each, +25% YoY growth; headquartered in Missoula, Montana, founded 2017.
Entre Technology Services
IT services and consulting company specializing in managed IT, cybersecurity, and network solutions; provides penetration testing services as part of their cybersecurity offerings; 27 employees, $32.9M revenue, founded 1984, based in Billings, Montana, USA.
SecureSky
SecureSky is an IT services and consulting firm based in Omaha, Nebraska, founded in 2018; with 12 employees and $7.3M in funding, they provide managed security, detection, response, and penetration testing services for cloud, hybrid, and on-premise environments, emphasizing offensive security capabilities.
Dara Security
Dara Security is a private computer and network security company specializing in security assessments and penetration testing; with 12 employees (+21.1% YoY growth), $257.8K annual revenue, founded in 2014, headquartered in Reno, Nevada, it offers services including vulnerability assessments, security program management, and compliance solutions, and is recognized for its industry expertise.
CyberGuard Advantage
CyberGuard Advantage is a cybersecurity advisory and compliance firm based in Las Vegas, Nevada, specializing in IT risk management, security attestations, and industry certifications; 39 employees, $6.5M revenue, founded 2011, offering penetration testing services, with 18.6% YoY growth.
Accorian
Accorian is a private cybersecurity firm specializing in computer and network security, with 112 employees and 17.5% YoY growth; founded in 2019 and headquartered in East Brunswick, New Jersey. The company offers expert security compliance, strategy, testing—including penetration testing—and staffing solutions, serving as a global partner in cybersecurity.
Palindrome Technologies
Cybersecurity company specializing in penetration testing and vulnerability assessments; 9 employees, founded 2005, headquartered in Princeton, NJ; offers expert-driven security solutions including Symmetric DefenseTM; active in industry standards and government contracts; 9,024 monthly website visits, global rank #2,738,449.
CBIZ Pivot Point Security
CBIZ Pivot Point Security is a private information security consulting company founded in 2000, based in Hamilton Township, New Jersey, with 12 employees and $6.6M annual revenue. They specialize in information security management systems, compliance, penetration testing, and related consulting services, serving clients needing to demonstrate security and compliance. The firm has a declining YoY growth of -31%, a web presence with 9,795 monthly visits, and is positioned within a niche market against competitors like ssc-ict and Iron Bow Technologies.
Cyber Cops
IT security services company based in Pennsauken, New Jersey; specializes in cybersecurity solutions including vulnerability assessment and penetration testing (VAPT) as a Service; offers compliance services like SOC 2 and HIPAA; emphasizes advanced cybersecurity measures.
Exelegent
Cybersecurity firm based in Freehold, New Jersey, specializing in security assessments and consulting; offers penetration testing, vulnerability assessments, and compliance audits; focuses on transforming business security and operational efficiency.
FoxPointe Solutions
Cybersecurity and IT risk management company based in Pittsford, NY; offers penetration testing, social engineering, and threat assessment services to ensure regulatory compliance and data protection.
Loptr LLC
Cybersecurity firm based in East Aurora, NY; provides penetration testing, threat hunting, cybersecurity frameworks, and training services; explicitly listed as offering PTES-framework penetration testing and proactive threat hunting.
Deloitte
Global professional services firm specializing in consulting, financial advisory, risk management, and audit & assurance; based in New York, US, with 355,547 employees and $67.2B revenue; offers penetration testing and cybersecurity services, including ethical hacking and cyber attack simulations.
Protected Harbor
Cybersecurity firm specializing in penetration testing services; offers simulated cyber attack assessments and vulnerability evaluations; headquartered in Orangeburg, NY with a physical address at 60 Dutch Hill Road Suite 16.
DueNorth Security, LLC
IT services and consulting firm specializing in security risk assessments, compliance, and cybersecurity; offers penetration testing services and security consulting; 3 employees; headquartered in Fargo, North Dakota, United States.
Essendis
Cybersecurity consulting firm specializing in cloud cybersecurity and penetration testing; based in Berea, Ohio, with expertise in network and application vulnerability assessments and simulated attack testing.
Moda Experts
Cybersecurity firm based in Mason, Ohio, specializing in IT security optimization and penetration testing services; offers network, web, mobile, wireless, and social engineering testing to identify vulnerabilities for SMBs.
Ensemble Health Partners
Healthcare revenue cycle management company headquartered in Cincinnati, Ohio; provides financial process optimization for hospitals and physician practices; also offers penetration testing (pentest) services as part of its cybersecurity capabilities, with active roles indicating ongoing pentest work.
4A Security & Compliance
Cybersecurity consulting firm specializing in penetration testing and vulnerability assessments; 4 employees; founded 2012; headquartered in Philadelphia, PA; offers security, privacy, and risk management services to organizations.
Securis360 Inc.
Securis360 Inc. is a private security and business consulting firm specializing in penetration testing as a service (ptaas), website and mobile app security testing, network architecture review, firewall security review, API security assessment, wireless device security testing, red team assessments, cloud security testing, and compliance services. Founded in 2021, headquartered in Pittsburgh, PA, with 42 employees and 48.6% YoY growth; it maintains a web presence with 1,997 monthly visits and ranks #6,654,877 globally and #617,323 in the US.
Interactive Security
IT services and consulting company specializing in IT security, compliance, and penetration testing; 4 employees with 29% YoY growth; founded 2007; headquartered in Blue Bell, Pennsylvania, United States; offers services including vulnerability assessments, PCI DSS, ISO 27001, NERC audits, HITRUST, and BCP/DR planning.
I.t. Services Group, Llc
IT Services Group, LLC is a Pennsylvania-based IT solutions provider headquartered in Media, serving the Philadelphia region for over 30 years. The company specializes in security compliance and offers penetration testing services, including vulnerability assessments and security testing for standards such as CMMC, PCI, HIPAA, and NIST.
Awa Infosec
Cybersecurity company specializing in penetration testing services; offers web application, external network, and social engineering testing conducted by certified ethical hackers; headquartered in Dresher, Pennsylvania, United States.
LBMC
LBMC is a private accounting and professional services firm based in Brentwood, Tennessee, with 498 employees and $192.7M in annual revenue. Founded in 1984, it offers consulting, accounting, tax, audit, advisory, HR, staffing, security, and technology services. The firm is the largest professional services provider in Tennessee and ranks among the top 50 accounting firms nationally. It also provides penetration testing services, including external, internal, wireless, web application, and social engineering tests, as detailed on their official website.
1stResponder
Cybersecurity company specializing in incident response, digital forensics, penetration testing, and vulnerability management; 9 employees with 800% YoY growth; based in Nashville, Tennessee, founded in 2019.
Prescient Security
Cybersecurity company specializing in penetration testing, compliance, and web application security; 196 employees (+52% YoY growth), $23.9M revenue, founded 2018 in Nashville, Tennessee, serving over 5,000 clients worldwide.
Advertise on pentest.fyi
You could be here!
Vancrew Technologies
IT services and consulting company specializing in cybersecurity and managed IT solutions; offers penetration testing services as part of their cybersecurity offerings; based in Knoxville, Tennessee, with 2 employees and over 20 years of experience.
Avertium
Avertium is a private cybersecurity firm founded in 2019, headquartered in Knoxville, Tennessee, with 116 employees and $74.4M annual revenue. They specialize in managed security services, including Microsoft security, MXDR, threat intelligence, attack surface monitoring, vulnerability management, and active penetration testing services such as red team, purple team, and social engineering. Recognized as a cyber fusion and MXDR leader, Avertium serves mid-market clients with comprehensive security and compliance solutions.
Fortified Health Security
Healthcare cybersecurity company specializing in managed security services, penetration testing, and compliance; 111 employees, $25M revenue, founded 2009; based in Brentwood, Tennessee; offers advanced penetration testing and red team services, with recent acquisition of Latitude Information Security.
Clearwater
Cybersecurity firm headquartered in Nashville, Tennessee, providing penetration testing, vulnerability assessments, and web application testing services; offers comprehensive technical testing solutions with a focus on healthcare security and compliance.
Holt Data Solutions
Cybersecurity and IT services provider specializing in penetration testing, managed security, and compliance consulting; 7 employees with 100% YoY growth, founded in 2019, headquartered in Corpus Christi, Texas, offering AI engineering, SDaaS, HITRUST, CMMC, and ransomware prevention services.
RSI Security
Cybersecurity-focused IT services and consulting company specializing in risk management, cyber engineering, assessment, and advisory services; provides penetration testing services explicitly listed on its website; headquartered in Southlake, Texas, with 26 employees, $5.9M annual revenue, and 22.5% YoY growth.
Dark Rock Cybersecurity, LLC
Cybersecurity company specializing in penetration testing, compliance, and security assessments; 5 employees, founded 2024, headquartered in Austin, TX; focuses on innovative security solutions and proactive threat mitigation.
Network Intelligence
Network Intelligence is a private cybersecurity firm specializing in AI-driven network security and penetration testing; based in Plano, Texas, with 403 employees, $7.2M annual revenue, and $4.8M in funding. The company offers advanced detection, response, data privacy, and AI security solutions, actively providing penetration testing services supported by technical frameworks and PCI DSS guidance. Founded in 2001, it competes globally within the cybersecurity market.
Ascent Portal
Texas-based cybersecurity firm specializing in penetration testing services; offers WISP/Pen Testing and integrated security assessments with headquarters at 1301 S. Capital of Texas Hwy, Austin, TX 78746. Provides comprehensive vulnerability testing to identify security weaknesses.
Armor Defense
Cybersecurity company based in Plano, Texas, specializing in MDR, compliance, and cloud security; offers formal penetration testing services with documented scope and authorization; operates primarily from Texas, United States.
Cyber Trust Alliance Inc.
Cyber Trust Alliance Inc. is a Texas-based cybersecurity firm specializing in penetration testing services; headquartered in Austin, TX, with a focus on simplifying compliance and security assessments for organizations.
ClearDATA
Healthcare cloud security provider based in Austin, Texas; offers breach simulation, penetration testing, code review, and security audits for healthcare organizations; publicly listed with a focus on HIPAA, HITRUST, and AI risk governance.
SecurityMetrics
Private computer and network security company providing PCI and HIPAA compliance assessments, incident response, cybersecurity, security training, and penetration testing; 173 employees (+1.5% YoY), $69.4M revenue; based in Orem, Utah, founded 2000.
SecureIT
Cybersecurity firm headquartered in Reston, VA, providing penetration testing, security assessments, and compliance advisory; offers active exploitation and simulated cyberattack services to enhance client security posture.
GuidePoint Security
IT services and consulting firm specializing in cybersecurity; 864 employees (+22.6% YoY growth), $300M revenue, founded 2011, headquartered in Reston, Virginia, USA; offers dedicated penetration testing and PTaaS services, emphasizing proactive security testing and risk mitigation.
Ampcus Cyber
Cybersecurity company based in Chantilly, Virginia, specializing in penetration testing; CREST-listed for Red team assessments and web application penetration testing, demonstrating advanced offensive security capabilities.
Advantage Partners
Cybersecurity company specializing in security and compliance services for tech firms; offers penetration testing services as confirmed by their website and PR release; 20 employees with 114.3% YoY growth; founded in 2023; headquartered in Seattle, Washington, USA.
Securitybricks, Inc.
Cybersecurity company specializing in penetration testing, offensive security, and compliance support; 14 employees; headquartered in Seattle, Washington, with a focus on cloud security, GRC, and application security services.
Wipfli
Wipfli is a Wisconsin-based professional services firm providing audit, tax, advisory, and cybersecurity services; explicitly offers penetration testing to simulate real-world attacks for security assessment.
ISO Certification in Bulgaria
Bulgarian-based consulting and certification firm specializing in ISO standards and cybersecurity testing; offers penetration testing, VAPT, and application security services with a focus on Bulgaria, supported by explicit location references and a Bulgarian address.
ISO Certification in Croatia
Croatian consulting firm based in Zagreb offering ISO certification services and penetration testing; provides network and infrastructure pentests, vulnerability assessments, and red-team simulations, demonstrating technical expertise in cybersecurity testing.
SAFFRON Sp. z o.o.
Poland-based IT services and consulting company specializing in cybersecurity, GRC-as-a-Service, and penetration testing; 6 employees with 28.6% YoY growth; founded 2015; headquartered in Gdańsk, Poland; offers security testing, risk management, compliance, and cybersecurity governance services.
AMARU
IT services and consulting company specializing in cybersecurity; 6 employees with 80% YoY growth; based in Auckland, New Zealand; founded 2019; offers CREST-certified penetration testing, risk assessments, security compliance, and incident response services, serving New Zealand clients.
CyberImmune
CyberImmune is a cybersecurity consulting firm based in Toronto, Canada, specializing in cloud security, DevSecOps, application, and network security. With 5 employees and 25% monthly growth, they perform security and compliance assessments, penetration testing on web, network, mobile, and cloud assets, supported by dedicated VAPT pages on their website.
Control Gap
IT services and consulting company specializing in cybersecurity, offensive security, penetration testing, PCI compliance, data remediation, and forensics; 32 employees, $20.2M revenue, founded 2007, headquartered in Mississauga, Ontario, Canada, serving North America and Europe.
Coral eSecure Private Limited
Canadian-based cybersecurity consulting firm specializing in penetration testing, privacy, and compliance standards; with 20+ years of experience, $10M annual revenue, and a focus on certification support for standards like SOC, NIST, HIPAA, GDPR, and ISO 27701.
FPT Telecom
FPT Telecom is a Vietnam-based telecommunications provider headquartered in Hanoi; it offers internet services for personal, family, gaming, and enterprise customers, and provides penetration testing and security audit services, as documented on their website.
TopCertifier
Vietnam-based cybersecurity firm specializing in penetration testing services; offers VAPT Certification Consulting, Server, Network, and Infrastructure Penetration Testing; headquartered in Hanoi, Vietnam.
TopCertifier
Certification company based in Philippines; offers ISO, CE Mark, VAPT, and HACCP certifications; explicitly references headquarters at GT Tower, Makati, Philippines; provides active penetration testing services including network and web application security testing.
IARM Information Security
Cybersecurity company based in Chennai, India, founded in 2016 with 30 employees; specializes in consulting, managed security, IoT security, and CREST-certified penetration testing for network, application, cloud, and LLM systems; offers end-to-end global security solutions with a focus on innovation and specialized pentesting capabilities.
Cyborgenic
IT services and consulting company specializing in information security and assurance; offers penetration testing, vulnerability assessment, and security compliance services; based in Mumbai, India, with 3 employees and 28.6% YoY growth; founded in 2020.