Find a pentest company with SOC 1
58 companies have this certification
SOC 1 Certification
Origin
SOC 1 (Service Organization Control 1) was developed by the American Institute of Certified Public Accountants (AICPA) in 2011 as a replacement for the SAS 70 audit standard. The AICPA created SOC 1 to provide a more comprehensive and standardized framework for assessing controls at service organizations that could impact their clients' financial reporting. This certification was specifically designed to address the growing need for third-party assurance as businesses increasingly outsourced critical functions like payroll processing, claims administration, and other services that directly affect financial statements.
Industry Value
SOC 1 reports are highly valued because they provide independent verification that a service organization has implemented effective controls over financial reporting processes. For companies that rely on external service providers, a SOC 1 report offers crucial assurance that their vendors maintain adequate safeguards, helping them meet their own audit and regulatory compliance requirements under standards like Sarbanes-Oxley. This certification has become an industry standard for demonstrating trustworthiness and transparency, often serving as a prerequisite for winning contracts with enterprise clients who need documented assurance that their service providers won't introduce risks to their financial statement accuracy.
Lazarus Alliance, Inc.
Cybersecurity company specializing in proactive security services including vulnerability and penetration testing, compliance audits, and privacy assessments; founded in 2000, with 6 employees and 22.2% YoY growth, based in Scottsdale, Arizona, USA. Known for its focus on cybersecurity audits and compliance, with a web presence of 10,023 monthly visits and a global rank of #2,168,741.
Maqware Corporation
IT Services and IT Consulting company specializing in cybersecurity, penetration testing, and compliance; based in San Ramon, California, with 11-50 employees, founded in 2008, providing top-tier security solutions and extensive compliance expertise.
Linford & Company LLP
Independent external IT auditors specializing in SOC audits, assurance services, and penetration testing; headquartered in Denver, Colorado, with a focus on cybersecurity assessments and compliance.
Insight Assurance
Cybersecurity and compliance firm specializing in security audits, penetration testing, and regulatory certifications; 116 employees (+67.7% YoY growth); founded 2020; Tampa, FL; serves over 1,500 clients; offers SOC, PCI DSS, ISO, HITRUST, CSA STAR, NIST, HIPAA assessments.
Ascend Audit & Advisory, Inc.
Private accounting firm based in Florida; specializes in SOC attestations, ISO/IEC 27002 ISMS, and cybersecurity policy analysis; provides penetration testing services; 2 employees; founded 2014; headquartered in St. Petersburg, FL.
A-LIGN
Cybersecurity and compliance provider based in Tampa, Florida; 572 employees, $92.2M annual revenue, $54.5M funding; specializes in cybersecurity compliance, penetration testing, and cyber risk management; offers active penetration testing and red team services, with a focus on high-quality, efficient programs.
Schellman
IT compliance and cybersecurity attestation provider; based in Tampa, Florida; specializes in FedRAMP assessments and offers extensive penetration testing services across multiple disciplines, including application, network, mobile, red teaming, social engineering, cloud, physical, hardware/IoT, and AI red team testing.
Stop wasting time on security questionnaires
ResponseHub uses AI to automate your security questionnaire responses. 100% confidence, save days, unblock deals.
AARC-360
AARC-360 is a private accounting firm specializing in assurance, advisory, risk, and compliance services with a global presence; 28 employees, founded in 2014, headquartered in Atlanta, Georgia, USA. They have recent cybersecurity accreditation achievements, including FedRAMP and RMAI audits, and offer penetration testing services such as vulnerability assessments, active exploitation, and social engineering across web, network, and cloud platforms.
Aprio
Aprio is a professional services firm based in Georgia, United States, with 1,901 employees and $420.8M annual revenue; it provides business advisory, tax, accounting, and penetration testing services, including web, mobile, and API security assessments, and has recently expanded through acquisitions and new office openings.
Lightedge
IT services and consulting company specializing in cloud, colocation, and managed services; offers penetration testing services including network, application, and social engineering testing; 261 employees, $85M revenue, headquartered in Des Moines, Iowa, with $5M funding.
General Motors
Automotive manufacturing giant headquartered in Detroit, Michigan, United States; produces Chevrolet, Buick, GMC, and Cadillac vehicles; also offers penetration testing and cybersecurity services via GM Sectec, utilizing ethical hacking techniques for vulnerability identification.
CyberGuard Advantage
CyberGuard Advantage is a cybersecurity advisory and compliance firm based in Las Vegas, Nevada, specializing in IT risk management, security attestations, and industry certifications; 39 employees, $6.5M revenue, founded 2011, offering penetration testing services, with 18.6% YoY growth.
Accorian
Accorian is a private cybersecurity firm specializing in computer and network security, with 112 employees and 17.5% YoY growth; founded in 2019 and headquartered in East Brunswick, New Jersey. The company offers expert security compliance, strategy, testing—including penetration testing—and staffing solutions, serving as a global partner in cybersecurity.
E Com Security Solutions
IT services and consulting company specializing in cybersecurity and compliance; 27 employees, founded 2008, headquartered in New York, USA; offers penetration testing services for networks and web applications, with categories including network penetration testing and web application penetration testing; 1,106 monthly website visits, global rank #11,587,344, employer rating 5.0/5.0.
Advertise on pentest.fyi
You could be here!
RISCPoint
IT services and consulting company specializing in security and compliance; 30 employees with 19.4% YoY growth; based in Cleveland, Ohio, founded 2018; offers penetration testing, cybersecurity, and compliance services including FedRAMP, SOC 2, NIST, ISO, HITRUST; maintains a modest web presence with 1,658 monthly visits.
Sentry Assurance
IT services and consulting company specializing in penetration testing; based in Cleveland, Ohio, with 3 employees; operates in healthcare and cybersecurity compliance categories including SOC 2, ISO 27001, GDPR, and HIPAA; no workforce growth; 1,206 monthly visits; global rank #11,457,148.
R2R Group
Financial services company specializing in cybersecurity, consulting, and penetration testing; 4 employees with -25% YoY growth; founded 2000 in Lancaster, PA; offers cybersecurity maturity model certification, SOC reports, and penetration testing services; web presence includes 3,070 monthly visits and a global rank of #6,126,887.
Securis360 Inc.
Securis360 Inc. is a private security and business consulting firm specializing in penetration testing as a service (ptaas), website and mobile app security testing, network architecture review, firewall security review, API security assessment, wireless device security testing, red team assessments, cloud security testing, and compliance services. Founded in 2021, headquartered in Pittsburgh, PA, with 42 employees and 48.6% YoY growth; it maintains a web presence with 1,997 monthly visits and ranks #6,654,877 globally and #617,323 in the US.
Awa Infosec
Cybersecurity company specializing in penetration testing services; offers web application, external network, and social engineering testing conducted by certified ethical hackers; headquartered in Dresher, Pennsylvania, United States.
KirkpatrickPrice
IT services and consulting firm specializing in information security assurance, including penetration testing, PCI audits, and risk assessments; 90 employees (+8.4% YoY), $6.8M revenue, founded 2005, Nashville, TN; provides advanced ethical hacking and vulnerability assessments, serving over 2,000 clients worldwide.
LBMC
LBMC is a private accounting and professional services firm based in Brentwood, Tennessee, with 498 employees and $192.7M in annual revenue. Founded in 1984, it offers consulting, accounting, tax, audit, advisory, HR, staffing, security, and technology services. The firm is the largest professional services provider in Tennessee and ranks among the top 50 accounting firms nationally. It also provides penetration testing services, including external, internal, wireless, web application, and social engineering tests, as detailed on their official website.
Prescient Security
Cybersecurity company specializing in penetration testing, compliance, and web application security; 196 employees (+52% YoY growth), $23.9M revenue, founded 2018 in Nashville, Tennessee, serving over 5,000 clients worldwide.
Dark Rock Cybersecurity, LLC
Cybersecurity company specializing in penetration testing, compliance, and security assessments; 5 employees, founded 2024, headquartered in Austin, TX; focuses on innovative security solutions and proactive threat mitigation.
Columbia Advisory Group
IT services and consulting firm specializing in cybersecurity, governance, risk, and compliance; provides penetration testing and managed IT services to higher-education clients; 31 employees, $5M-$25M revenue, founded 2012, Dallas, TX.
CelsusBit
IT services and consulting firm specializing in cybersecurity, penetration testing, and web application security; based in Arlington, Texas, with 4 employees and 66.7% YoY growth, founded in 2016.
Alchemi Advisory Group, LLC
Alchemi Advisory Group, LLC is a Dallas-based private IT and cybersecurity advisory firm founded in 2020, with 2 employees and +100% YoY growth; they specialize in compliance, internal audit, and cybersecurity frameworks, serving organizations in regulated environments. Their cybersecurity services likely include penetration testing, supported by their categorization and scope of work.
M7 Services
Texas-based IT MSP specializing in managed technology support and cybersecurity solutions; explicitly includes penetration testing services for auto dealerships, with headquarters at 13201 Northwest Fwy, Houston, TX.
Zelda Security
Cybersecurity software provider specializing in AI-driven penetration testing, threat intelligence, and proactive defense; 6 employees with 33.3% YoY growth; based in Salt Lake City, Utah, founded in 2022.
InteliPath Services Group
IT services and consulting company specializing in audit, vulnerability management, PCI compliance, and penetration testing; based in Virginia, with 4 employees, founded in 2010, and a focus on client-focused IT environment improvements. Provides active penetration testing services including network assessments, social engineering, physical tests, and PCI scans.
Stop wasting time on security questionnaires
ResponseHub uses AI to automate your security questionnaire responses. 100% confidence, save days, unblock deals.
Leidos
Leidos is a Reston, Virginia-based company providing defense, aviation, IT, and biomedical research services; it offers cybersecurity solutions including penetration testing and red team assessments, with active pentest service offerings and related job roles.
7Security GmbH – PCI, Built for Fintech
7Security GmbH is a private cybersecurity and information security services provider based in Vienna, Austria, with 17 employees and 37.5% YoY growth. They specialize in compliance auditing, penetration testing (network, application, wireless), and security consulting for standards like PCI DSS, PCI P2PE, PCI PIN, PCI 3DS, PCI SSF, ISO/IEC 27001, PSD2, and SOC 1, serving fintech clients and helping them stay ahead of evolving threats.
ISO Certification in Bulgaria
Bulgarian-based consulting and certification firm specializing in ISO standards and cybersecurity testing; offers penetration testing, VAPT, and application security services with a focus on Bulgaria, supported by explicit location references and a Bulgarian address.
ISO Certification in Croatia
Croatian consulting firm based in Zagreb offering ISO certification services and penetration testing; provides network and infrastructure pentests, vulnerability assessments, and red-team simulations, demonstrating technical expertise in cybersecurity testing.
SAP
SAP SE is a private enterprise software company headquartered in Walldorf, Germany, founded in 1972. It employs 73,143 staff (+11.3% YoY), generates $39.6B in annual revenue, and holds a EUR227.5B market cap. The firm has received $1.3B in total funding, with recent acquisitions including SmartRecruiters. SAP provides comprehensive penetration testing services, including dedicated customer vulnerability assessment processes for SAP Cloud ALM and other products, confirming its commitment to security and compliance.
Securance
Cybersecurity company specializing in penetration testing services; offers application and network pentests with dedicated service pages; 34 employees, 58.5% YoY growth, $3.3M revenue; founded 2004; headquartered in Utrecht, Netherlands; active in cybersecurity advisory, assurance, and compliance.
Base Cyber Security
Cybersecurity consulting firm specializing in penetration testing, security assessments, and talent services; 8 employees with 14.3% YoY growth; founded 2015; headquartered in Rotterdam, Netherlands.
Luxoft Poland
Luxoft Poland is a Polish software engineering and digital transformation company headquartered in Zabierzów, Poland; it provides automotive cybersecurity services including penetration testing, vulnerability assessments, and advanced vehicle testing labs, demonstrating strong capabilities in automotive cybersecurity testing.
A3Sec
A3Sec is a cybersecurity IT services and consulting firm based in Madrid, Spain, with 89 employees and 4.1% annual growth. They specialize in detection, prevention, and incident response, including penetration testing and attack simulation, supported by dynamic vulnerability management and application analysis. The company has a web presence with 7,862 monthly visits and ranks #2,582,478 globally, actively engaging in cybersecurity news and social media.
BOTECH
BOTECH is a Spain-based cybersecurity firm specializing in fraud prevention, intelligence, and certifications, with 38 employees and +7.4% YoY growth since 2013. It offers penetration testing and ethical hacking services, with a presence in Spain, Latin America, and the US, and a monthly web traffic of 16,800 visits.
CyberImmune
CyberImmune is a cybersecurity consulting firm based in Toronto, Canada, specializing in cloud security, DevSecOps, application, and network security. With 5 employees and 25% monthly growth, they perform security and compliance assessments, penetration testing on web, network, mobile, and cloud assets, supported by dedicated VAPT pages on their website.
Control Gap
IT services and consulting company specializing in cybersecurity, offensive security, penetration testing, PCI compliance, data remediation, and forensics; 32 employees, $20.2M revenue, founded 2007, headquartered in Mississauga, Ontario, Canada, serving North America and Europe.
CDW Canada
IT services and consulting company specializing in cybersecurity and penetration testing; offers penetration testing, adversary simulation, and PTaaS with 652 employees and 6.8% YoY growth; based in Etobicoke, Ontario, Canada.
Coolidge Solutions
Cybersecurity and data analytics company based in Toronto, Canada; specializes in penetration testing, cybersecurity risk management, and compliance (PCI DSS, SOC 2); 2 employees, $3.57M revenue, founded 2013, with a focus on cybersecurity transformation and payment security.
Coral eSecure Private Limited
Canadian-based cybersecurity consulting firm specializing in penetration testing, privacy, and compliance standards; with 20+ years of experience, $10M annual revenue, and a focus on certification support for standards like SOC, NIST, HIPAA, GDPR, and ISO 27701.
Spritzmonkey
Cybersecurity consultancy based in the United Kingdom; specializes in CREST-certified penetration testing and vulnerability scanning services, actively marketing these capabilities and participating in industry events as a recognized provider.
ISO Certification in Argentina
ISO Certification in Argentina, Buenos Aires; ISO certification consulting company offering ISO, CMMI, SOC, HACCP, PCI DSS, and VAPT services; located at Libertador Avenue 101, Vicente López, Buenos Aires, with operational hours Monday to Friday, 9am-6pm. Provides penetration testing (VAPT) services including automated assessments, human-led testing, and red team simulations.
FailSafe
Cybersecurity company specializing in blockchain and AI security; headquartered in Singapore with a focus on critical systems, offering enterprise-grade security, compliance, and penetration testing services. Backed by Sequoia, Dragonfly, and Grab.
Multinational technology company headquartered in Singapore for Asia-Pacific operations; provides penetration testing services through Google Cloud, including external/internal web app and cloud assessments, supported by Mandiant's pentest offerings.
ISO Certification in Taiwan
Taiwan-based ISO certification consultancy offering a wide range of standards including ISO, SOC, GDPR, PCI DSS, CE Mark, HACCP, HIPAA, and Halal; emphasizes a simplified, faster, and affordable certification process. Additionally provides penetration testing (VAPT) services such as automated vulnerability assessments, human-led penetration testing, and red team simulations, highlighting a comprehensive cybersecurity service portfolio.
TopCertifier
Vietnam-based cybersecurity firm specializing in penetration testing services; offers VAPT Certification Consulting, Server, Network, and Infrastructure Penetration Testing; headquartered in Hanoi, Vietnam.
Mtechnix Sdn. Bhd.
Malaysian cybersecurity and engineering firm specializing in OT & IT cybersecurity, engineering services, ISO certifications, project management, and professional training; provides penetration testing for networks, web, mobile, and ICS/SCADA systems, including red team exercises.
TopCertifier
Certification company based in Philippines; offers ISO, CE Mark, VAPT, and HACCP certifications; explicitly references headquarters at GT Tower, Makati, Philippines; provides active penetration testing services including network and web application security testing.
Vynox Security
Vynox Security is a private cybersecurity company based in Pune, India, with 6 employees. They specialize in security testing services such as penetration testing, cloud security, infrastructure security, and source code audits, with a focus on helping organizations mitigate risks and defend against evolving digital threats.
Cyborgenic
IT services and consulting company specializing in information security and assurance; offers penetration testing, vulnerability assessment, and security compliance services; based in Mumbai, India, with 3 employees and 28.6% YoY growth; founded in 2020.
Qadit Systems & Solutions Pvt Ltd
Cybersecurity company based in Chennai, India, with 10 employees; specializes in penetration testing, vulnerability assessment, ISO 27001 audits, cloud security, and risk management; founded in 2001; website highlights offensive security services and security consulting.
GTISEC
Indian cybersecurity firm specializing in compliance certifications such as PCI DSS, ISO27001, SOC1 & SOC2, HIPAA, GDPR, CCPA, and Tx-Ramp; offers penetration testing services ('External pentesting') as part of its threat management solutions; headquartered in Gurgaon, India.
Threatsys Technologies Pvt. Ltd.
India-based cybersecurity firm specializing in penetration testing services; offers network and cloud pentests with a focus on vulnerability assessment through simulated attacks; headquartered in Bhubaneswar, Odisha.
CyberCube Services
India-based cybersecurity and IT consulting firm founded in 2018; 56 employees with 46.7% YoY growth; offers end-to-end cybersecurity solutions including penetration testing (VAPT), application security, compliance, and cloud security; 9,784 monthly website visits; ranked #1,915,236 globally.