Find a pentest company with NIS2
35 companies have this certification
NIS2 Directive Overview
Origin and Background
The NIS2 Directive (Network and Information Security Directive 2) was created by the European Union and adopted in January 2023, replacing the original NIS Directive from 2016. The European Parliament and Council developed this legislation to address the growing cybersecurity threats across member states and to create a more uniform approach to cybersecurity requirements. It was implemented because the original directive had inconsistent application across EU countries and didn't adequately cover the expanding digital landscape and supply chain vulnerabilities that emerged in recent years.
Industry Importance and Value
NIS2 is significant because it establishes mandatory cybersecurity requirements for approximately 160,000 organizations across essential and important sectors in the EU, including energy, healthcare, banking, digital infrastructure, and public administration. The directive is valued for creating harmonized cybersecurity standards across Europe, improving incident reporting mechanisms, and holding senior management directly accountable for compliance. For organizations doing business in or with the EU, NIS2 compliance has become essential—not only to avoid substantial penalties (up to €10 million or 2% of global turnover) but also to demonstrate robust cybersecurity practices to partners and customers in an increasingly interconnected global market.
Rhymetec
Rhymetec LLC is a cybersecurity firm specializing in penetration testing and offensive security services; 37 employees with 27.8% YoY growth; based in New York, NY, founded in 2015. The company offers web, mobile, and network penetration testing, including AI-powered solutions, and is actively expanding through partnerships and geographic growth.
A-LIGN
Cybersecurity and compliance provider based in Tampa, Florida; 572 employees, $92.2M annual revenue, $54.5M funding; specializes in cybersecurity compliance, penetration testing, and cyber risk management; offers active penetration testing and red team services, with a focus on high-quality, efficient programs.
Emsco Solutions
Private cloud services and network security provider specializing in penetration testing, vulnerability assessments, and segmentation testing; based in Oklahoma City, Oklahoma, with 3 employees since 1948. Offers IT and cybersecurity services across Oklahoma region.
Zettasecure
IT security company based in Wien, Austria, providing cybersecurity services such as penetration testing, security audits, and MSSP. Small team of 2 employees with 50% YoY growth; specializes in protecting Austrian businesses without in-house security departments.
ITanic GmbH
ITanic GmbH is an Austrian IT services and consulting company specializing in cybersecurity and software development; offers penetration testing, red teaming, and cybersecurity awareness services. Founded in 2017, it has 1 employee with 25% monthly and yearly growth, headquartered in Grambach, Austria.
UNITAS
IT Services and IT Consulting firm specializing in information security, IT security, GRC/compliance, and IT auditing; offers penetration testing via pentest-as-a-service, vulnerability scanning, and exploitability assessments; 13 employees, founded 2019, headquartered in Aarhus, Denmark.
FoxIDs
Private computer and network security company based in Denmark; specializes in identity and access management (IAM) services for websites and APIs, supporting industry standards like OAuth, OpenID Connect, and SAML; offers authentication, authorization, and penetration testing services, with a small team of 2 employees founded in 2018.
Stop wasting time on security questionnaires
ResponseHub uses AI to automate your security questionnaire responses. 100% confidence, save days, unblock deals.
Prosecom Oy
Prosecom Oy is a Finnish cybersecurity firm specializing in penetration testing, security, privacy, and risk management; with 5 employees, founded in 2021, headquartered in Tampere, Finland. The company offers cybersecurity development, security frameworks, ISO certifications, and SOC2 assurance, serving clients across various sectors.
UnBreach
UnBreach is a Finnish cybersecurity company specializing in network security and managed security services; 5 employees with +20% YoY growth, founded in 2021, headquartered in Helsinki, Finland. They explicitly offer network penetration testing services and aim to be end-to-end cybersecurity partners for Nordic security-conscious companies, focusing on midsize businesses.
Hackcyom
Cybersecurity consulting and audit firm based in Paris, France; specializes in penetration testing ('tests d'intrusion') with a focus on cybersecurity assessments and audits.
Bonjourcyber
Cybersecurity company based in Paris, France, specializing in penetration testing and cybersecurity audits; explicitly states expertise in ethical hacking and defense testing, serving SMEs and ETIs in France.
NBS System
NBS System is a France-based cybersecurity firm specializing in penetration testing, vulnerability scanning, and security consulting; with 7 employees, $5.1M annual revenue, founded in 1999, and offering services such as intrusion testing, coaching security, and open source intelligence to diverse industries.
Own.security
Cybersecurity firm headquartered in Paris, France, specializing in tailored security solutions and penetration testing services; offers Black Box and Gray Box testing using OWASP and OSSTMM methodologies across various targets.
Excube
Cybersecurity consulting firm based in Lyon, France; specializes in strategy, organization, and penetration testing services including intrusion tests and attack surface evaluations; registered at Lyon RCS with SIREN 838808236.
Advertise on pentest.fyi
You could be here!
SHERIFF Security GmbH
German cybersecurity company specializing in penetration testing; offers simulated attack services with a dedicated team of eight experts to assess and improve system resilience against cyber threats.
zeroBS
zeroBS is a Germany-based IT & cybersecurity company providing cloud-based threat simulation, DDoS testing, and penetration testing services including red teaming and POC testing; 5 employees, -25% YoY growth, specializing in protecting against IoT, industrial, cloud, and mobile DDoS attacks.
ThreatScene
ThreatScene is a private IT Services and IT Consulting firm specializing in cybersecurity solutions, including penetration testing, incident response, threat intelligence, and digital forensics. Founded in 2024 and headquartered in Athens, Greece, it has 15 employees and experienced 100% YoY growth. The company provides top-tier cybersecurity services to public bodies, B2B enterprises, defense, maritime, and critical infrastructure sectors, focusing on protecting organizations from evolving cyber threats.
Alphabit Cybersecurity
Cybersecurity company specializing in computer and network security services; offers penetration testing, risk assessment, and expert consulting with 10 employees, founded in 2008, based in Khalándrion, Greece. Known for providing expert cybersecurity services and active in compliance, digital forensics, and managed security services.
MottaSec
Cybersecurity firm specializing in penetration testing, cybersecurity consulting, and bespoke security solutions; founded in 2022, with 2 employees and +150% YoY growth; based in Dafni, Greece, with expertise in ICS/OT pentesting, red/purple teaming, and ISO 27001.
EcomWall
IT services and consulting company specializing in fraud prevention and threat intelligence for e-commerce; offers penetration testing services with customized testing and vulnerability reports; based in Vilnius, Lithuania, founded in 2023, with 5 employees.
Nestor Security
Nestor Security is a Netherlands-based cybersecurity firm specializing in penetration testing services; headquartered in Groningen with official registration as Nestor Security B.V. The company offers attack simulation and automated pentesting to help clients identify and mitigate security vulnerabilities.
SAFE-Secura
Private cybersecurity firm based in Amsterdam, Netherlands, founded in 2000; specializes in penetration testing, vulnerability assessments, and red teaming with active testing across cloud, network, mobile, web, IoT, and infrastructure targets; certified CCV for pentesting; part of a 51-200 employee organization.
Zeta IT Security B.V.
Netherlands-based IT security company founded in 2018; specializes in penetration testing, vulnerability scanning, and datacenter security solutions for Dutch businesses; employs 1 person; focuses on identifying cybersecurity vulnerabilities before hackers do.
SAFFRON Sp. z o.o.
Poland-based IT services and consulting company specializing in cybersecurity, GRC-as-a-Service, and penetration testing; 6 employees with 28.6% YoY growth; founded 2015; headquartered in Gdańsk, Poland; offers security testing, risk management, compliance, and cybersecurity governance services.
ChangePro
IT services and consulting company based in Poland; specializes in cybersecurity awareness, phishing, security, and penetration testing with detailed testing scopes and industry-standard practices; 3 employees; Founded 2018.
Taquion Cybersecurity
IT services and consulting company specializing in cybersecurity; offers penetration testing services like SecureScan 360 that simulate attacks from all perspectives; based in Spain with 2 employees, founded in 2016, experiencing 100% monthly workforce growth.
Ciso.es
Spain-based cybersecurity company specializing in penetration testing, cloud security, and mobile app security; offers offensive security services including Red Team operations; headquartered in Cartagena, Spain, with a focus on continuous threat mitigation and compliance with standards like ENS, NIS2, and ISO 27001:2022.
Cybertix Simulation Technologies
Cybersecurity company specializing in AI-driven automated solutions for SMEs; offers penetration testing, attack simulations, and OT security expertise; 14 employees, founded 2023, based in San Sebastián, Spain; $2.1M funding.
SpectraSec
SpectraSec is a Spain-based IT services and cybersecurity consulting firm specializing in attack simulations such as phishing, smishing, and vishing, which are forms of penetration testing; founded in 2025 with 2 employees, it focuses on protecting health sector data through technology, training, and expert consulting.
Stop wasting time on security questionnaires
ResponseHub uses AI to automate your security questionnaire responses. 100% confidence, save days, unblock deals.
Hard Link Security S.L.
Cybersecurity consulting firm based in Spain; specializes in security measures deployment, compliance, forensic IT, and penetration testing for web, mobile, network, and cloud environments; 4 employees, founded 2023, headquartered in Albacete.
Holm Security
Cybersecurity company specializing in vulnerability management, attack surface management, and automated penetration testing; 54 employees (+6.7% YoY growth), $5M revenue, founded 2015 in Alvik, Sweden; $16.7M total funding, last round Nov 2022; offers services including penetration testing and cyber hygiene solutions.
Keepoint AB
Cybersecurity company specializing in security intelligence, monitoring, incident response, penetration testing, and security assessments; founded 2025 with 3 employees in Stockholm, Sweden, experiencing 50% monthly growth.
Cybergen® Security
Cybergen® Security is a UK-based IT services and cybersecurity consulting firm founded in 2023, with a focus on penetration testing, red teaming, and threat mitigation. The company provides CREST-accredited penetration testing and 24/7 managed detection and response, emphasizing proactive security testing and vulnerability identification, despite having only 1 employee.
Cybergen Security
UK-based cybersecurity company specializing in CREST-accredited penetration testing services; headquartered in Witney, Oxfordshire, with a focus on security testing and incident response.
Cybertix
Cybertix is an India-based IT services and cybersecurity firm specializing in penetration testing, web application security, and risk management; founded in 2021, with 2 employees and 25% annual growth. It offers cybersecurity solutions including ethical hacking, red teaming, and training, serving clients worldwide. The company ranks #9,341,746 globally with 1,197 monthly website visits.