What KKR’s Growth Investment Means to NetSPI
Today I’m thrilled to announce that the global investment firm KKR is to invest $410 million in NetSPI. This growth investment marks one of the largest private equity deals in cybersecurity this year – a massive accomplishment for Team NetSPI.
We didn’t become the leader in offensive security by checking boxes or sticking to the status quo. We got here by hiring the best talent in the business, innovating without limits, and creating a workplace culture of excellence. This is where our focus will remain as we double down on our investments to build strong teams, develop our technology stack, and expand our offensive security services globally.
In May 2021, KKR made a $90 million investment in NetSPI, with participation from Ten Eleven Ventures. Over the past 18 months, they’ve been a dedicated partner who believes deeply in this team. This growth investment is further proof that hard work pays off as we near the end of another record year of growth and celebrate our recent accomplishments including, the continued adoption of our PTaaS delivery model, our acquisition of Silent Break Security, the introduction of Attack Surface Management, our global expansion to EMEA, our NetSPI University training program, and more.
We are much more than a penetration testing company. We’re a group of incredibly talented ethical hackers, vulnerability researchers, project managers, and strategic partners who ultimately want to help our clients innovate with confidence. We’re a company that understands how to develop and leverage technologies to create efficiencies at a time where resources are limited, empowering people to focus on what matters most.
To ensure the security of today’s most prominent organizations and keep pace with the evolving attack surface, we must challenge the status quo in offensive security. With KKR’s support, we will continue doing just that. I, for one, am excited for this new chapter in NetSPI’s story of growth, disruption, innovation, and dedication.
Aaron Shilts, CEO at NetSPI
Explore More Blog Posts
Why Continuous Testing is the New Standard for Modern Security
NetSPI's continuous pentesting delivers regular, tailored assessments across critical assets, customized to your organization's risk profile and operational cadence to ensure coverage where it matters most. These services are delivered through NetSPI’s leading PTaaS platform using existing workflows.
CVE-2026-0300 Palo Alto Networks PAN-OS Buffer Overflow Overview & Takeaways
Palo Alto Networks has disclosed a critical zero-day vulnerability in PAN-OS, tracked as CVE-2026-0300, affecting PA-Series and VM-Series firewalls with the User-ID Authentication Portal (Captive Portal) enabled. The flaw is a pre-authentication buffer overflow that allows an unauthenticated, remote attacker to execute arbitrary code with root privileges on affected devices.
CVE-2026-41940 cPanel & WHM Authentication Bypass Overview and Takeaways
cPanel has disclosed a critical authentication bypass vulnerability affecting cPanel & WHM and WP Squared, tracked as CVE-2026-41940 (CVSS 9.8). The flaw allows a remote, unauthenticated attacker to gain root-level administrative access by injecting arbitrary values into a server-side session file, effectively bypassing all credential checks.