Find a pentest company with ISO 27018
51 companies have this certification
ISO 27018: Origin
ISO 27018 was developed by the International Organization for Standardization (ISO) and officially published in 2014. It was created as the first international code of practice specifically designed to address the protection of personally identifiable information (PII) in public cloud computing environments. The standard emerged in response to growing concerns about data privacy and security as organizations increasingly migrated their operations and sensitive data to cloud service providers, necessitating clear guidelines for how cloud providers should handle personal information.
Industry Importance and Value
ISO 27018 is highly valued in the industry because it provides cloud service providers with a recognized framework for demonstrating their commitment to protecting customer data privacy. The certification is particularly important for organizations operating under strict data protection regulations like GDPR, as it helps establish compliance with privacy requirements and builds trust with clients who are entrusting their sensitive information to cloud environments. For businesses selecting cloud providers, ISO 27018 certification serves as a reliable indicator that the provider implements appropriate controls for PII protection, including transparent data handling practices, customer rights management, and restrictions on how personal data can be used or disclosed.
Rhymetec
Rhymetec LLC is a cybersecurity firm specializing in penetration testing and offensive security services; 37 employees with 27.8% YoY growth; based in New York, NY, founded in 2015. The company offers web, mobile, and network penetration testing, including AI-powered solutions, and is actively expanding through partnerships and geographic growth.
Toshiba
Private appliances, electrical, and electronics manufacturer based in Irvine, California; 2,318 employees with 2.7% YoY growth; active in energy, semiconductors, IoT, and digital solutions; provides penetration testing services including Red Team assessments and internal penetration testing, as documented in cybersecurity reports and white papers.
Cybereason
Cybereason is an American cybersecurity technology company founded in 2012, headquartered in La Jolla, California; it specializes in AI-driven XDR platforms, threat detection, incident response, and offensive security services including penetration testing and red team exercises. The company was acquired by LevelBlue in November 2025 and maintains a global presence with offices worldwide.
NxgSecure
Cybersecurity firm headquartered in Jacksonville, Florida, providing penetration testing services such as internal/external network testing, web/mobile app testing, insider threat simulations, and wireless security testing; focuses on proactive breach prevention for high-growth companies.
State of Hawaiʻi
Government organization based in Honolulu, Hawaii, with 1,230 employees (+11.6% YoY growth), $35.3M annual revenue; provides public services including cybersecurity penetration testing for agencies, with a strong web presence of 2.3M monthly visits and ranked #19,895 globally.
E Com Security Solutions
IT services and consulting company specializing in cybersecurity and compliance; 27 employees, founded 2008, headquartered in New York, USA; offers penetration testing services for networks and web applications, with categories including network penetration testing and web application penetration testing; 1,106 monthly website visits, global rank #11,587,344, employer rating 5.0/5.0.
Trellix
Cybersecurity company specializing in threat detection and response; headquartered in Plano, Texas, with 6,000 employees; provides penetration testing services including manual assessments and automated testing via RidgeBot.
Stop wasting time on security questionnaires
ResponseHub uses AI to automate your security questionnaire responses. 100% confidence, save days, unblock deals.
Zelda Security
Cybersecurity software provider specializing in AI-driven penetration testing, threat intelligence, and proactive defense; 6 employees with 33.3% YoY growth; based in Salt Lake City, Utah, founded in 2022.
Mirai Security
Cybersecurity company specializing in governance, risk management, compliance, cloud security, and application security; offers penetration testing services supported by case studies; 20 employees with 12.5% YoY growth; headquartered in Seattle, Washington, USA.
TÜV AUSTRIA Group
Public safety and technical surveillance company based in Austria; 585 employees (+11.3% YoY growth), operating in 34+ countries, specializing in security, quality, and innovation services including penetration testing and IT security certifications; ranked #959,392 globally and #14,616 in Austria.
Tcss Trusted Cyber Security Solutions Gmbh
Cybersecurity company based in Vienna, Austria; specializes in penetration testing, vulnerability analysis, and incident response services; provides consulting with a focus on proactive security measures.
Tcss Trusted Cyber Security Solutions Gmbh
Cybersecurity company based in Vienna, Austria; specializes in penetration testing, vulnerability analysis, and incident response services; provides consulting with a focus on proactive security measures.
A1 Telekom Austria Ag
Telecommunications company based in Vienna, Austria; offers penetration testing, vulnerability management, and security assessments with active engagement in pentest services and social engineering campaigns; headquartered in Austria with a strong presence in Central and Eastern Europe.
ISO Certification in Bulgaria
Bulgarian-based consulting and certification firm specializing in ISO standards and cybersecurity testing; offers penetration testing, VAPT, and application security services with a focus on Bulgaria, supported by explicit location references and a Bulgarian address.
Advertise on pentest.fyi
You could be here!
ISO Certification in Croatia
Croatian consulting firm based in Zagreb offering ISO certification services and penetration testing; provides network and infrastructure pentests, vulnerability assessments, and red-team simulations, demonstrating technical expertise in cybersecurity testing.
Ixperta
Czech-based technology company headquartered in Prague; specializes in IT strategy, cybersecurity, and digital transformation; offers penetration testing, attack simulations, and resilience testing; focuses on building advanced IT ecosystems and solving complex tech challenges.
Verinet Server Hosting Center for Colocation and IT Outsourcing
Denmark-based private security company specializing in government relations and security solutions; offers penetration testing, ransomware, crypting, decryption, and malware services to 2,500 dealers; 2 employees; active in ethical hacking and vulnerability assessments.
Capgemini
Global IT services and consulting company based in Paris, France; 211,716 employees (+10.4% YoY growth); $23.9B annual revenue; offers cybersecurity including penetration testing with active exploitation techniques; recently acquired SEIMAF Groupe and Cloud4C Services Pvt Ltd; operates in multiple consulting categories including cloud, Salesforce, Microsoft, AWS, Oracle, Google, and SAP; competes with DXC Technology, EPAM Systems, and Endava.
De-bit Group
De-bit Group is a German IT service provider based in Gelnhausen, Hessen, with over 25 years of experience. They specialize in cybersecurity, offering penetration testing, security assessments, and IT solutions for authorities, municipalities, and businesses. The company emphasizes certifications like ISO 27001, demonstrating their expertise in security testing and vulnerability management.
CANCOM
Germany-based IT services and consulting company with 1,393 employees, $1.9B revenue, and EUR1.1B market cap; offers digital transformation, managed services, cloud solutions, and cybersecurity including penetration testing; founded 1992, headquartered in Munich, Bavaria.
Secjur
Germany-based cybersecurity firm Secjur GmbH specializes in compliance automation and full-service IT security, including penetration testing; headquartered in Hamburg, with a focus on European markets.
SAP
SAP SE is a private enterprise software company headquartered in Walldorf, Germany, founded in 1972. It employs 73,143 staff (+11.3% YoY), generates $39.6B in annual revenue, and holds a EUR227.5B market cap. The firm has received $1.3B in total funding, with recent acquisitions including SmartRecruiters. SAP provides comprehensive penetration testing services, including dedicated customer vulnerability assessment processes for SAP Cloud ALM and other products, confirming its commitment to security and compliance.
Integrity360
Integrity360 is a private Irish-based cybersecurity and IT consulting company with 237 employees, $146.8M revenue, founded in 2005. It is Ireland's largest cybersecurity specialist and offers comprehensive penetration testing services, including infrastructure, web app, API, mobile, Wi-Fi, IoT, cloud, AD, and segmentation testing, along with PTaaS. The firm operates across Europe, Africa, and the Caribbean, and has recently acquired Redshift Cyber Security and Holiseum. It ranks #779,785 globally and #165,814 in its country, with a focus on helping organizations grow securely.
Orazero Srl Sb
Italian cybersecurity firm based in Italy; provides penetration testing, vulnerability assessment, and red teaming services; external sources from October 2025 confirm their focus on security testing and cybersecurity solutions.
Exprivia
Italy-based IT services and consulting company with 1,407 employees (+2.7% YoY), $436.8M revenue, and EUR70.1M market cap; specializes in digital transformation, cybersecurity, and penetration testing services, including vulnerability assessments and VAPT; active in multiple industries and markets.
Deas Cyber+
Italian cybersecurity firm based in Rome; specializes in penetration testing, red teaming, adversary emulation, and malware development; employs young experts dedicated to digital security and threat mitigation.
Clanto Services S.r.l.
Italian cybersecurity firm based in Melito di Napoli; specializes in penetration testing, vulnerability assessment, and tailored security solutions; offers services such as real attack simulations and vulnerability discovery.
Onyx Cybersecurity
Private cybersecurity firm based in the Netherlands; founded in 2016 with 11 employees (+6.7% YoY growth); offers cybersecurity consultancy, ethical hacking, secure coding, privacy audits, and penetration testing; 626 monthly website visits; competes with adacom, avante corp, itpss.
SAFFRON Sp. z o.o.
Poland-based IT services and consulting company specializing in cybersecurity, GRC-as-a-Service, and penetration testing; 6 employees with 28.6% YoY growth; founded 2015; headquartered in Gdańsk, Poland; offers security testing, risk management, compliance, and cybersecurity governance services.
Stop wasting time on security questionnaires
ResponseHub uses AI to automate your security questionnaire responses. 100% confidence, save days, unblock deals.
Orange Polska
Telecommunications company based in Poland; 2,856 employees, PLN12.7B annual revenue, founded in 1991, headquartered in Warszawa, Poland. Offers internet, mobile, TV, fixed-line services, and cybersecurity testing including penetration testing via CERT Orange Polska, which conducts controlled security assessments of client IT infrastructure.
Sii Poland
Poland-based IT, engineering, and BPO solutions provider; offers cybersecurity services including penetration testing with dedicated pentest roles and attack simulations; headquartered in Poland, serving clients with active pentest engagements.
Onwelo
IT solutions provider specializing in cybersecurity; offers penetration testing services to identify and eliminate vulnerabilities in IT infrastructure; based in Warsaw, Poland, with a focus on security testing and IT consulting.
Aiuken Cybersecurity
Cybersecurity company specializing in managed security, security integration, and cloud services; 93 employees (+15.4% YoY growth); founded 2012; headquartered in Boadilla del Monte, Spain; offers penetration testing, threat detection, response, and marketplace solutions; operates in 7 countries.
Telefónica Tech
Spanish technology solutions provider; offers cybersecurity, IoT, cloud, big data, AI, blockchain, and penetration testing services; explicitly provides penetration testing and security assessments to identify security gaps; based in Spain with a Spanish legal entity.
AffinityMSP
Australian IT services and consulting firm specializing in managed IT support, cybersecurity, and cloud solutions; 19 employees with 6.7% YoY growth, founded in 2019, based in Melbourne, Australia. Recognized among Australia's top MSPs, with active engagement in penetration testing and security assessment practices.
Sabytel Technologies, Inc.
Canadian cybersecurity company founded in 2002; headquartered in Ottawa, Ontario, Canada; offers penetration testing services including application, wireless, and web testing, as well as social engineering and phishing assessments; emphasizes a business-first approach to cybersecurity resilience.
BlackBerry
Canadian cybersecurity company based in Waterloo, Ontario; specializes in secure communications, QNX embedded systems, and offers penetration testing services such as IoT security assessments, open source reviews, regulatory pentests, and adversary simulations.
Terranova Worldwide Corporation
Cybersecurity company based in Laval, Quebec, Canada; specializes in security awareness training and offers extensive penetration testing services including web, network, wireless, API, mobile, AWS, and code-assisted testing.
Axus Advisory Group
IT services and consulting company specializing in cybersecurity, digital transformation, and risk management; 21 employees; founded 2016; based in Lima, Peru; offers penetration testing and red team services; 9,188 monthly website visits; global rank #2,841,377; verified by global federation of animal sanctuaries.
Netpoleon Singapore
Cybersecurity company specializing in penetration testing, malware analysis, and breach assessments; headquartered in Singapore at 627A Aljunied Road, with verified services in ethical hacking and security evaluations.
HKT Enterprise Cloud
Hong Kong-based cybersecurity service provider under Hong Kong Telecommunications (HKT) Limited; offers penetration testing and security health check services, with explicit penetration testing engagements listed on their website.
HKT Enterprise Solutions
Hong Kong-based cybersecurity firm specializing in penetration testing services; offers authorized vulnerability assessments and cyber health checks, leveraging PCCW-HKT's extensive network and system integration expertise.
True Corporation Public Company Limited
Thailand-based telecom and digital services provider; offers penetration testing and ethical hacking services as part of its cybersecurity offerings; headquartered in Bangkok, Thailand; publicly listed with a focus on digital security solutions.
TopCertifier
Vietnam-based cybersecurity firm specializing in penetration testing services; offers VAPT Certification Consulting, Server, Network, and Infrastructure Penetration Testing; headquartered in Hanoi, Vietnam.
TopCertifier
Certification company based in Philippines; offers ISO, CE Mark, VAPT, and HACCP certifications; explicitly references headquarters at GT Tower, Makati, Philippines; provides active penetration testing services including network and web application security testing.
PT Siggap Teknologi Internasional
Cybersecurity company based in Jakarta, Indonesia, founded in 2018; 9 employees with -10.5% YoY growth; offers penetration testing, risk management, threat detection, and security solutions; certified provider with a focus on supporting business continuity and managing cyber risks.
Lintasarta
Indonesia-based IT services and consulting company founded in 1988; 1,813 employees (+9.5% YoY growth), $113M revenue; offers ICT solutions, digital transformation, and penetration testing services including automated attack simulations; ranked #246,635 globally and #8,805 in Indonesia; active in cybersecurity, cloud, and data communications.
Secure Strike
Cybersecurity training and penetration testing company based in Gurugram, India; founded 2024; 2 employees with +20% YoY growth. Offers courses in web app security, API testing, mobile testing, and certifications, and provides network and cloud penetration testing services with activities like vulnerability assessment and exploitation testing.
Vynox Security
Vynox Security is a private cybersecurity company based in Pune, India, with 6 employees. They specialize in security testing services such as penetration testing, cloud security, infrastructure security, and source code audits, with a focus on helping organizations mitigate risks and defend against evolving digital threats.
Infocratus Technologies
Indian cybersecurity company based in Mumbai; specializes in penetration testing and vulnerability assessments with explicit service offerings; headquartered at 175, Kagalwala House, Bandra Kurla Complex, Santacruz East, Kalina, Mumbai 400098.
Adiroha Solutions
India-based cybersecurity company headquartered in Bangalore; specializes in penetration testing including IoT, web app, and firewall pentests; offers GRC, vCISO, and startup services; active in ethical hacking and vulnerability assessments.