Cybersecurity services business providing independent third-party penetration testing services (pentests).

Established in 2018 and based in Bristol, OnSecurity has built a technology platform to efficiently deliver pentests that identify and address vulnerabilities in computer systems, networks, and web applications. The business provides high quality human pentesting services via a platform technology that automates traditionally manual, cumbersome processes such as booking, scheduling and reporting. The business has grown rapidly since launch to become a trusted and well-known provider, having built up a customer base of almost 300 clients.

We invested £5.5mn in June 2024 which will enable OnSecurity to accelerate new customer acquisition and further develop and leverage its existing technology platform through R&D. This is OnSecurity’s first institutional investment round. As part of the investment, Grace Cassy will join the board as non-executive Chair, bringing significant experience of supporting some of the world’s leading cyber security businesses.

Investment rationale

The pentest market is significant, with global annual spend estimated at £4bn and growing, driven by the increasing adoption of cloud computing solutions, a proliferation of open-source code usage and significant regulatory drivers. One particular area of growth is within the financial services sector, where the Digital Operational Resilience Act will require businesses to contract annual threat-led penetration testing from January 2025.