Find a pentest company with ISO 31000
26 companies have this certification
ISO 31000
Origin
ISO 31000 was developed by the International Organization for Standardization (ISO) and first published in 2009, with subsequent revisions in 2018. The standard was created by ISO Technical Committee 262 (ISO/TC 262) on Risk Management, which brought together risk management experts from various countries and industries. It was developed to provide universal principles and guidelines for risk management that could be applied across all sectors and organizations of any size, replacing earlier risk management standards and establishing a common framework for identifying, assessing, and managing risks systematically.
Industry Value
For penetration testing and cybersecurity companies, ISO 31000 provides a structured approach to identifying and managing the full spectrum of risks involved in security assessments and operations. Penetration testing firms reference or align with ISO 31000 to demonstrate their capability to conduct comprehensive risk-based security evaluations, ensuring that testing scope and priorities are properly determined based on client risk profiles. The standard helps these companies establish credible risk management processes that complement technical security work, providing clients with confidence that the organization can effectively assess threats, vulnerabilities, and business impacts. By adopting ISO 31000 principles, penetration testing companies can better communicate security findings in business risk terms, support clients' broader enterprise risk management programs, and differentiate themselves as mature organizations that view cybersecurity through a holistic risk lens rather than purely technical metrics.
Winterhawk Consulting (A PentaFour Group Company)
IT services and consulting firm specializing in SAP security, role design, audit, and penetration testing; 13 employees, $5.6M revenue, founded 2012, headquartered in Lakeland, FL; offers SAP GRC, cybersecurity, and enterprise threat detection solutions; actively provides penetration testing services.
E Com Security Solutions
IT services and consulting company specializing in cybersecurity and compliance; 27 employees, founded 2008, headquartered in New York, USA; offers penetration testing services for networks and web applications, with categories including network penetration testing and web application penetration testing; 1,106 monthly website visits, global rank #11,587,344, employer rating 5.0/5.0.
Interactive Security
IT services and consulting company specializing in IT security, compliance, and penetration testing; 4 employees with 29% YoY growth; founded 2007; headquartered in Blue Bell, Pennsylvania, United States; offers services including vulnerability assessments, PCI DSS, ISO 27001, NERC audits, HITRUST, and BCP/DR planning.
KANE ADVISORS
Risk management and business intelligence analytics company based in Chelan, Washington, with 2 employees; founded in 2000. Specializes in risk mitigation, cybersecurity, and penetration testing services to help organizations thrive in volatile environments.
IS4IT Cyber Security Austria GmbH
Small Austrian cybersecurity firm founded in 2024; 2 employees; specializes in penetration testing, offensive security, and managed security services; based in Vienna, Austria; offers comprehensive IT security solutions from analysis to operation.
ISO Certification in Bulgaria
Bulgarian-based consulting and certification firm specializing in ISO standards and cybersecurity testing; offers penetration testing, VAPT, and application security services with a focus on Bulgaria, supported by explicit location references and a Bulgarian address.
ISO Certification in Croatia
Croatian consulting firm based in Zagreb offering ISO certification services and penetration testing; provides network and infrastructure pentests, vulnerability assessments, and red-team simulations, demonstrating technical expertise in cybersecurity testing.
Stop wasting time on security questionnaires
ResponseHub uses AI to automate your security questionnaire responses. 100% confidence, save days, unblock deals.
Extelligence
IT services and consulting company based in Prague, Czechia, founded in 2011; employs 10 staff with $1M-$5M revenue; specializes in cybersecurity, data management, and IT resourcing; offers penetration testing services with autonomous platform integration (NodeZero via Horizon3.ai); stable employer rating of 5.0/5.0 from 3 reviews.
Specops Solutions Gmbh
Cybersecurity firm headquartered in Germany; offers penetration testing and red team services, with a focus on offensive security and simulated attack testing.
CANCOM
Germany-based IT services and consulting company with 1,393 employees, $1.9B revenue, and EUR1.1B market cap; offers digital transformation, managed services, cloud solutions, and cybersecurity including penetration testing; founded 1992, headquartered in Munich, Bavaria.
3-core GmbH
German-based business consulting firm specializing in corporate resilience, governance, security, emergency, and crisis management; explicitly offers penetration testing services using proven tools, including engagements for energy companies; 8 employees; Founded 2019; Bonn, Germany.
Alverad Offensive Security Team
Hungary-based offensive security division of Alverad Kft; provides comprehensive penetration testing and security assessment services including web, mobile, Wi-Fi, API, OSINT, phishing, GPU password cracking, and thick client testing; emphasizes attacker-oriented approach.
BIP
BIP is a private business consulting and services company headquartered in Milan, Italy, with 3,671 employees (+13.3% YoY growth), $330.1M annual revenue, and $143.7M in total funding (last round via debt financing in June 2025). The firm specializes in management consulting, cybersecurity—including penetration testing services like TLPT and Red/Blue Team testing—digital transformation, data science, and disruptive technologies. It operates in a competitive landscape alongside Sia Partners, Boston Consulting Group, and Roland Berger.
Analytica
Latvia-based cybersecurity consulting firm specializing in information security and penetration testing; headquartered in Riga with legal address at Krišjāņa Valdemāra iela 18-7, LV-1010; offers security consulting, services, and operations center, with expertise in vulnerability assessments and ethical hacking.
Advertise on pentest.fyi
You could be here!
Efigo
Efigo is a Poland-based cybersecurity firm specializing in penetration testing, security audits, and data protection services; with 8 employees, 33.3% YoY growth, founded in 2015, headquartered in Katowice, and focusing on eliminating threats in infrastructure, websites, and applications.
Nflo Sp. Z O.o.
Polish cybersecurity firm specializing in penetration testing services; explicitly lists penetration testing and related certifications such as Kali-based tests; headquartered in Warsaw, Poland.
Cyberspective Inc.
Cybersecurity consulting firm based in Montreal, Canada; 5 employees; specializes in cybersecurity advisory, risk evaluation, compliance, and technical control assessments including infrastructure and network penetration testing, which involves simulated attacks to test security.
Coral eSecure Private Limited
Canadian-based cybersecurity consulting firm specializing in penetration testing, privacy, and compliance standards; with 20+ years of experience, $10M annual revenue, and a focus on certification support for standards like SOC, NIST, HIPAA, GDPR, and ISO 27701.
Grupo Hub.
Grupo Hub. is a Mexico-based strategic management services company specializing in cybersecurity and testing, including penetration testing; with 5 employees, founded in 2014, and offering manual and automated testing services supported by certified experts and training programs.
Delta Protect
Cybersecurity company specializing in pentesting, compliance, and digital risk management; 29 employees, founded 2019, headquartered in Mexico City, Mexico; offers penetration testing, vulnerability analysis, and cyber intelligence services, with 41,903 monthly visits and a global rank of #680,565.
Axtel
Mexican IT services and consulting firm specializing in cybersecurity, including penetration testing services; 1,921 employees with 2.5% YoY growth; $537.4M USD annual revenue; founded in 1994; headquartered in San Nicolás de Los Garza, Mexico; active in cybersecurity assessments and security drills.
SAGO Consultores
Cybersecurity consulting firm based in Cali, Colombia; offers penetration testing, ethical hacking, vulnerability analysis, and security audits; supports services with advanced, customizable technological solutions.
TopCertifier
Vietnam-based cybersecurity firm specializing in penetration testing services; offers VAPT Certification Consulting, Server, Network, and Infrastructure Penetration Testing; headquartered in Hanoi, Vietnam.
TopCertifier
Certification company based in Philippines; offers ISO, CE Mark, VAPT, and HACCP certifications; explicitly references headquarters at GT Tower, Makati, Philippines; provides active penetration testing services including network and web application security testing.
Avanté Consultants
India-based information security company headquartered in Pune, Maharashtra; provides process solutions, consultancy, training, and audit services in IT security; explicitly offers penetration testing services for web, software, mobile, and network environments.
MitKat Advisory
MitKat Advisory is a Mumbai-based business consulting firm specializing in risk management, security, and resilience services, including physical security penetration testing and red teaming; 183 employees, $5M revenue, founded 2010, ranked #872,570 globally and #74,136 in India, with active social media presence and industry-specific expertise.