Automotive Cybersecurity: 3 Companies compared
Automotive cybersecurity companies protect connected and software-defined vehicles across their lifecycle. From ECUs, in-vehicle networks, and telematics to cloud backends, fleets, and EV charging. This guide compares the firms that OEMs…
Looking specifically for vehicle pen testing? Read our deep-dive on automotive penetration testing. Scope, standards, Pwn2Own, and the firms doing the research.
Automotive Pen Testing guide →On this page
Quick comparison
All automotive cybersecurity companies side by side, alphabetical.
| Company | Founded | Engagement | Specialism | Standards / accreditations |
|---|---|---|---|---|
| PCA Cyber Security | 2019 | Project-based engagements | OEMs and suppliers that need elite offensive testing, TARA, and managed monitoring for co… | TISAX Assessment Level 3ISO/SAE 21434UNECE R155 |
| Upstream Security | 2017 | Subscription (custom) | OEMs and fleet operators that want cloud-scale detection, response, and a managed Vehicle… | ISO/SAE 21434UNECE R155UNECE R156 |
| VicOne | 2022 | Subscription (custom) | OEMs and suppliers wanting a broad, lifecycle automotive security portfolio backed by an… | ISO/SAE 21434UNECE R155Automotive SPICE (ASPICE) Level 2 |
PCA Cyber Security
Automotive CybersecurityOEMs and suppliers that need elite offensive testing, TARA, and managed monitoring for connected vehicles and embedded products
PCA Cyber Security (formerly PCAutomotive) is a Budapest-based specialist in offensive security and threat intelligence for vehicles and embedded systems. The firm runs dedicated CyberLab and CyberGarage research facilities and has built a strong public reputation through repeated Pwn2Own Automotive participation and disclosed vehicle vulnerability research, including 21 vulnerabilities across Skoda and Volkswagen vehicles and their cloud backend. While rooted in automotive, PCA has expanded into fintech, manufacturing, consumer electronics, and energy. It is a services-led firm focused on penetration testing, TARA, verification and validation, and managed product SOC monitoring rather than off-the-shelf software.
Upstream Security
Automotive CybersecurityOEMs and fleet operators that want cloud-scale detection, response, and a managed Vehicle SOC for connected fleets
Upstream Security operates a cloud-native, agentless AI platform purpose-built for connected vehicles and mobility IoT. It ingests telematics, OTA, diagnostic, and dealership data to deliver cybersecurity detection and response (V-XDR), automotive threat intelligence, and data-driven applications. Upstream pairs its platform with a managed 24/7 Vehicle Security Operations Center and monitors tens of millions of vehicles, making it one of the largest-scale players in connected-vehicle security. Because it works server-side without in-vehicle agents, it is typically deployed alongside embedded ECU protection rather than replacing it.
VicOne
Automotive CybersecurityOEMs and suppliers wanting a broad, lifecycle automotive security portfolio backed by an established cybersecurity parent
VicOne is a wholly-owned subsidiary of Trend Micro dedicated exclusively to automotive cybersecurity for connected and electric vehicles. It leverages Trend Micro's 30-plus years of security expertise and the Zero Day Initiative's vulnerability research network. The same program behind Pwn2Own Automotive. To give OEMs and suppliers lifecycle protection from development and production through in-vehicle operation. Its portfolio covers an in-vehicle IDPS, a managed VSOC, threat intelligence, SBOM and vulnerability management, and penetration testing services.
Related guides
Other categories you might be evaluating alongside automotive cybersecurity.
About this listing
Automotive Cybersecurity companies, listed alphabetically and compared on public information. How we work →