The senior leadership team at Pentest People. Credit: Pentest People.

Penetration testing-focused cyber company Pentest People has been acquired by The GRC Group.

GRC provides software and tech-enabled services to manage business risks and regulatory compliance, with Pentest People “combining the benefits of consultant-led penetration testing and continuous vulnerability scanning through its in-house developed software platform”.

Go deeper with GlobalData

Data Insights

The gold standard of business intelligence.

Find out more

The acquisition of Pentest People represents GRC’s second acquisition in the cybersecurity risk management market following the acquisition of Bulletproof in June.

Pentest People will join Bulletproof (UK) and Target Defense (US) as part of a newly formed cyber division.

The combined cyber division will provide services to more than 3,000 clients in the UK and US in a risk area that GRC believes is under-serviced.

Alex Dacre, chief executive of the GRC Group, said: “The addition of Pentest People following our acquisition of Bulletproof in June demonstrates our commitment to become an international leader in the Governance, Risk and Compliance market, delivering tech-led compliance to SMEs alongside leading enterprise SaaS [sofware-as-a-service] point solutions.”

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

Founded in 2019 and growing rapidly, the GRC Group employs more than 1,200 experts across the UK, US and certain international geographies, providing software and tech-enabled services to manage business risks and ensure customers remain compliant with legal and regulatory standards.

With six business lines – Compliance eLearning, Cyber Security, Employment Compliance, ISO services, Regulatory Intelligence and Risk Management Software – the business delivers compliance to both small and medium-sized enterprises and large global enterprises.

In May 2024, the GRC Group was acquired by Inflexion to accelerate its growth and expand into new markets, and in June 2024, the Group acquired Bulletproof Cyber, a cybersecurity and data protection company.

Together, the group’s new cyber division will be able to call on the expertise of more than 100 accredited professionals and cyber consultants.

Andrew Mason, founder and managing director of Pentest People, said he was pleased to find a new owner that shares the company’s values and “will be able to continue its rapid growth trajectory and focus on innovation. We look forward to extending the services we can offer.”