InfoRisk Today: NetSPI Doubles Down on Pen Testing With nVisium Acquisition

On January 10, NetSPI CEO Aaron Shilts was featured in the InfoRisk Today article called NetSPI Doubles Down on Pen Testing With nVisium Acquisition. Read the preview below or view it online.


The Minneapolis-based attack surface management vendor says Washington, D.C.-area nVisium’s deep understanding of the niceties of different cloud platforms will come in handy since Azure penetration testing differs from AWS pen testing, says CEO Aaron Shilts. Hacking – with permission – into cloud-based apps requires different skill sets than testing the security of traditional web applications or networks.

The terms of the acquisition, which closed Dec. 22 and was announced Jan. 3, aren’t being disclosed. All 50 of nVisium’s employees will join NetSPI, including founder and CEO Jack Mannino, who will focus on R&D and building next-generation technologies for clients and testers as part of the NetSPI labs organization (see: Pen Test Firm NetSPI Gets $410M Boost From KKR to Fuel M&A).

Why Customers Need Cloud Pen Testing

An ongoing mass migration to cloud environments from on-premises data is driving demand for cloud penetration testing, according to Shilts. He says NetSPI is already one of the leaders in the cloud pen testing space but will benefit from nVisium’s capabilities. The Washington firm excels at working with businesses with mature security programs in highly regulated industries such as energy and financial services, Shilts says. Financial services has long been one of NetSPI’s largest markets, but the CEO says little overlap exists between the NetSPI and nVisium clients’ bases.

Shilts plans to fully integrate nVisium into the NetSPI organization by Feb. 1, with a focus on training, onboarding and familiarizing nVisium’s staff with NetSPI’s platform and programs. According to Shilts, nVisium customers should be able to more easily meet developer and testing timelines thanks to the size of the NetSPI organization.

NetSPI’s automation tools focus primarily on the tester experience, report automation and report generation, and Shilts says these tools will be integrated and brought into NetSPI’s mainline code base. NetSPI today has both employee-facing automation tools similar to what nVisium offers as well as client-facing automation tools that are unlike anything nVisium provides today.

The nVisium deal comes just three months after NetSPI received a $410 million growth investment from private equity giant KKR to pursue acquisitions and expand its technological and geographic footprint – money that helped move the nVisium acquisition across the finish line.

You can read the full article at InfoRisk Today!

Discover how the NetSPI BAS solution helps organizations validate the efficacy of existing security controls and understand their Security Posture and Readiness.