Find a pentest company with ISO 27017
46 companies have this certification
ISO 27017: Origin
ISO 27017 was developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), published in December 2015. It was created as an extension of ISO 27002 to address the growing need for specific security guidelines in cloud computing environments. The standard emerged from industry recognition that traditional information security controls required adaptation and supplementation to adequately address the unique risks and responsibilities associated with cloud service provision and use.
Industry Importance and Value
ISO 27017 is valued in the industry because it provides clear, internationally recognized guidance for both cloud service providers and cloud customers on their respective security responsibilities. The certification helps organizations demonstrate their commitment to cloud security best practices, facilitating trust between providers and customers in an increasingly cloud-dependent business environment. For businesses, achieving ISO 27017 certification can be a competitive differentiator, meeting procurement requirements, satisfying regulatory expectations, and providing assurance to stakeholders that cloud-specific security controls are properly implemented and maintained.
Toshiba
Private appliances, electrical, and electronics manufacturer based in Irvine, California; 2,318 employees with 2.7% YoY growth; active in energy, semiconductors, IoT, and digital solutions; provides penetration testing services including Red Team assessments and internal penetration testing, as documented in cybersecurity reports and white papers.
Cybereason
Cybereason is an American cybersecurity technology company founded in 2012, headquartered in La Jolla, California; it specializes in AI-driven XDR platforms, threat detection, incident response, and offensive security services including penetration testing and red team exercises. The company was acquired by LevelBlue in November 2025 and maintains a global presence with offices worldwide.
NxgSecure
Cybersecurity firm headquartered in Jacksonville, Florida, providing penetration testing services such as internal/external network testing, web/mobile app testing, insider threat simulations, and wireless security testing; focuses on proactive breach prevention for high-growth companies.
State of Hawaiʻi
Government organization based in Honolulu, Hawaii, with 1,230 employees (+11.6% YoY growth), $35.3M annual revenue; provides public services including cybersecurity penetration testing for agencies, with a strong web presence of 2.3M monthly visits and ranked #19,895 globally.
E Com Security Solutions
IT services and consulting company specializing in cybersecurity and compliance; 27 employees, founded 2008, headquartered in New York, USA; offers penetration testing services for networks and web applications, with categories including network penetration testing and web application penetration testing; 1,106 monthly website visits, global rank #11,587,344, employer rating 5.0/5.0.
Trellix
Cybersecurity company specializing in threat detection and response; headquartered in Plano, Texas, with 6,000 employees; provides penetration testing services including manual assessments and automated testing via RidgeBot.
Zelda Security
Cybersecurity software provider specializing in AI-driven penetration testing, threat intelligence, and proactive defense; 6 employees with 33.3% YoY growth; based in Salt Lake City, Utah, founded in 2022.
Stop wasting time on security questionnaires
ResponseHub uses AI to automate your security questionnaire responses. 100% confidence, save days, unblock deals.
Mirai Security
Cybersecurity company specializing in governance, risk management, compliance, cloud security, and application security; offers penetration testing services supported by case studies; 20 employees with 12.5% YoY growth; headquartered in Seattle, Washington, USA.
Tcss Trusted Cyber Security Solutions Gmbh
Cybersecurity company based in Vienna, Austria; specializes in penetration testing, vulnerability analysis, and incident response services; provides consulting with a focus on proactive security measures.
Tcss Trusted Cyber Security Solutions Gmbh
Cybersecurity company based in Vienna, Austria; specializes in penetration testing, vulnerability analysis, and incident response services; provides consulting with a focus on proactive security measures.
ISO Certification in Bulgaria
Bulgarian-based consulting and certification firm specializing in ISO standards and cybersecurity testing; offers penetration testing, VAPT, and application security services with a focus on Bulgaria, supported by explicit location references and a Bulgarian address.
ISO Certification in Croatia
Croatian consulting firm based in Zagreb offering ISO certification services and penetration testing; provides network and infrastructure pentests, vulnerability assessments, and red-team simulations, demonstrating technical expertise in cybersecurity testing.
Ixperta
Czech-based technology company headquartered in Prague; specializes in IT strategy, cybersecurity, and digital transformation; offers penetration testing, attack simulations, and resilience testing; focuses on building advanced IT ecosystems and solving complex tech challenges.
YesWeHack
Cybersecurity company specializing in bug bounty and vulnerability management; provides penetration testing services with dedicated solutions like Pentest Management and Continuous Pentesting; 331 employees (+60.7% YoY growth), $3.5M annual revenue, founded in 2015 in Paris, France; $79.3M total funding; recognized for CREST accreditation; operates globally with over 400 programs in 175+ countries.
Advertise on pentest.fyi
You could be here!
Capgemini
Global IT services and consulting company based in Paris, France; 211,716 employees (+10.4% YoY growth); $23.9B annual revenue; offers cybersecurity including penetration testing with active exploitation techniques; recently acquired SEIMAF Groupe and Cloud4C Services Pvt Ltd; operates in multiple consulting categories including cloud, Salesforce, Microsoft, AWS, Oracle, Google, and SAP; competes with DXC Technology, EPAM Systems, and Endava.
De-bit Group
De-bit Group is a German IT service provider based in Gelnhausen, Hessen, with over 25 years of experience. They specialize in cybersecurity, offering penetration testing, security assessments, and IT solutions for authorities, municipalities, and businesses. The company emphasizes certifications like ISO 27001, demonstrating their expertise in security testing and vulnerability management.
CANCOM
Germany-based IT services and consulting company with 1,393 employees, $1.9B revenue, and EUR1.1B market cap; offers digital transformation, managed services, cloud solutions, and cybersecurity including penetration testing; founded 1992, headquartered in Munich, Bavaria.
Secjur
Germany-based cybersecurity firm Secjur GmbH specializes in compliance automation and full-service IT security, including penetration testing; headquartered in Hamburg, with a focus on European markets.
SAP
SAP SE is a private enterprise software company headquartered in Walldorf, Germany, founded in 1972. It employs 73,143 staff (+11.3% YoY), generates $39.6B in annual revenue, and holds a EUR227.5B market cap. The firm has received $1.3B in total funding, with recent acquisitions including SmartRecruiters. SAP provides comprehensive penetration testing services, including dedicated customer vulnerability assessment processes for SAP Cloud ALM and other products, confirming its commitment to security and compliance.
Orazero Srl Sb
Italian cybersecurity firm based in Italy; provides penetration testing, vulnerability assessment, and red teaming services; external sources from October 2025 confirm their focus on security testing and cybersecurity solutions.
Exprivia
Italy-based IT services and consulting company with 1,407 employees (+2.7% YoY), $436.8M revenue, and EUR70.1M market cap; specializes in digital transformation, cybersecurity, and penetration testing services, including vulnerability assessments and VAPT; active in multiple industries and markets.
Deas Cyber+
Italian cybersecurity firm based in Rome; specializes in penetration testing, red teaming, adversary emulation, and malware development; employs young experts dedicated to digital security and threat mitigation.
Clanto Services S.r.l.
Italian cybersecurity firm based in Melito di Napoli; specializes in penetration testing, vulnerability assessment, and tailored security solutions; offers services such as real attack simulations and vulnerability discovery.
Efigo
Efigo is a Poland-based cybersecurity firm specializing in penetration testing, security audits, and data protection services; with 8 employees, 33.3% YoY growth, founded in 2015, headquartered in Katowice, and focusing on eliminating threats in infrastructure, websites, and applications.
SAFFRON Sp. z o.o.
Poland-based IT services and consulting company specializing in cybersecurity, GRC-as-a-Service, and penetration testing; 6 employees with 28.6% YoY growth; founded 2015; headquartered in Gdańsk, Poland; offers security testing, risk management, compliance, and cybersecurity governance services.
Onwelo
IT solutions provider specializing in cybersecurity; offers penetration testing services to identify and eliminate vulnerabilities in IT infrastructure; based in Warsaw, Poland, with a focus on security testing and IT consulting.
Aiuken Cybersecurity
Cybersecurity company specializing in managed security, security integration, and cloud services; 93 employees (+15.4% YoY growth); founded 2012; headquartered in Boadilla del Monte, Spain; offers penetration testing, threat detection, response, and marketplace solutions; operates in 7 countries.
AffinityMSP
Australian IT services and consulting firm specializing in managed IT support, cybersecurity, and cloud solutions; 19 employees with 6.7% YoY growth, founded in 2019, based in Melbourne, Australia. Recognized among Australia's top MSPs, with active engagement in penetration testing and security assessment practices.
Sabytel Technologies, Inc.
Canadian cybersecurity company founded in 2002; headquartered in Ottawa, Ontario, Canada; offers penetration testing services including application, wireless, and web testing, as well as social engineering and phishing assessments; emphasizes a business-first approach to cybersecurity resilience.
Stop wasting time on security questionnaires
ResponseHub uses AI to automate your security questionnaire responses. 100% confidence, save days, unblock deals.
BlackBerry
Canadian cybersecurity company based in Waterloo, Ontario; specializes in secure communications, QNX embedded systems, and offers penetration testing services such as IoT security assessments, open source reviews, regulatory pentests, and adversary simulations.
Svalbard Security
Cybersecurity company based in Vancouver, Canada; specializes in penetration testing, compliance support, and security assessments; proudly Canadian and locally owned, with a focus on regulated industries.
Terranova Worldwide Corporation
Cybersecurity company based in Laval, Quebec, Canada; specializes in security awareness training and offers extensive penetration testing services including web, network, wireless, API, mobile, AWS, and code-assisted testing.
Axus Advisory Group
IT services and consulting company specializing in cybersecurity, digital transformation, and risk management; 21 employees; founded 2016; based in Lima, Peru; offers penetration testing and red team services; 9,188 monthly website visits; global rank #2,841,377; verified by global federation of animal sanctuaries.
Netpoleon Singapore
Cybersecurity company specializing in penetration testing, malware analysis, and breach assessments; headquartered in Singapore at 627A Aljunied Road, with verified services in ethical hacking and security evaluations.
HKT Enterprise Cloud
Hong Kong-based cybersecurity service provider under Hong Kong Telecommunications (HKT) Limited; offers penetration testing and security health check services, with explicit penetration testing engagements listed on their website.
HKT Enterprise Solutions
Hong Kong-based cybersecurity firm specializing in penetration testing services; offers authorized vulnerability assessments and cyber health checks, leveraging PCCW-HKT's extensive network and system integration expertise.
インフォセックアドバイザリー株式会社
Japan-based cybersecurity consulting company headquartered in Tokyo; provides penetration testing, ISO certification support (ISO27001, ISO27017, ISO42001), NIST compliance assistance, and security outsourcing; known for experienced consultants and comprehensive security services.
TopCertifier
Vietnam-based cybersecurity firm specializing in penetration testing services; offers VAPT Certification Consulting, Server, Network, and Infrastructure Penetration Testing; headquartered in Hanoi, Vietnam.
TopCertifier
Certification company based in Philippines; offers ISO, CE Mark, VAPT, and HACCP certifications; explicitly references headquarters at GT Tower, Makati, Philippines; provides active penetration testing services including network and web application security testing.
PT Siggap Teknologi Internasional
Cybersecurity company based in Jakarta, Indonesia, founded in 2018; 9 employees with -10.5% YoY growth; offers penetration testing, risk management, threat detection, and security solutions; certified provider with a focus on supporting business continuity and managing cyber risks.
Binary Works Indonesia
Cybersecurity company specializing in penetration testing; based in Jakarta, Indonesia with 5 employees and a 9.5% monthly growth; offers simulated attack testing to ensure system security, supported by dedicated service pages.
Nexagate Siber Sekuriti
Cybersecurity company based in Indonesia; specializes in penetration testing, security audits, and offensive security assessments for networks, applications, and facilities. Officially registered as PT Nexagate Siber Sekuriti in Jakarta, with a .id domain confirming its Indonesian origin.
Lintasarta
Indonesia-based IT services and consulting company founded in 1988; 1,813 employees (+9.5% YoY growth), $113M revenue; offers ICT solutions, digital transformation, and penetration testing services including automated attack simulations; ranked #246,635 globally and #8,805 in Indonesia; active in cybersecurity, cloud, and data communications.
Vynox Security
Vynox Security is a private cybersecurity company based in Pune, India, with 6 employees. They specialize in security testing services such as penetration testing, cloud security, infrastructure security, and source code audits, with a focus on helping organizations mitigate risks and defend against evolving digital threats.
Infocratus Technologies
Indian cybersecurity company based in Mumbai; specializes in penetration testing and vulnerability assessments with explicit service offerings; headquartered at 175, Kagalwala House, Bandra Kurla Complex, Santacruz East, Kalina, Mumbai 400098.
Adiroha Solutions
India-based cybersecurity company headquartered in Bangalore; specializes in penetration testing including IoT, web app, and firewall pentests; offers GRC, vCISO, and startup services; active in ethical hacking and vulnerability assessments.