IOActive, Inc.

Independent global research-driven security consultancy specialising in full-stack, hardware, embedded, and critical-infrastructure testing.

CompanyPenetration Testing Firms

Pricing: Custom (contact sales)

Reviewed by the CyberSecTool editorial team against the public sources cited below · Last reviewed June 2026 · How we review listings

What is IOActive, Inc.?

Founded in 1998 by Joshua Pennell and led since 2008 by Jennifer Sunshine Steffens, IOActive is headquartered in Seattle with offices in Atlanta, London, Madrid, and Dubai. The firm is known for full-stack security assessments and deep specialism in hardware, embedded systems, semiconductors, automotive, industrial control, and other safety-critical environments.

Best for: OEMs, semiconductor vendors, automotive, and critical-infrastructure operators that need silicon-to-cloud security expertise
Pros
  • Recognised research leader in hardware, automotive, and semiconductor security
  • Independently owned since 1998 with stable senior consultant tenure
  • Strong publication record at Black Hat, DEF CON, and academic venues
  • Specialist labs for hardware bring-up, fault injection, and chip-level analysis
Considerations
  • Boutique scale relative to NCC Group or Mandiant limits concurrent capacity
  • Premium engagement pricing with no public rate card
  • Hardware specialism means depth often exceeds what general-IT teams need

Reported in public reviews and vendor documentation. See sources below.

Key Features

Full-stack penetration testing (application, network, cloud)
Hardware, embedded, and IoT security testing
Silicon and semiconductor security analysis
SCADA, ICS, and operational technology assessments
Red team and purple team engagements
Secure development lifecycle (SDL) advisory
AI/ML security services
Supply chain integrity and OSINT threat simulation
Security research, training, and advisory

Are you IOActive, Inc.? Improve this listing with screenshots, case studies and more.

Sources & references

Where the information on this listing comes from. Always verify pricing and capabilities against the vendor before a purchasing decision.

Spot an error, or do you represent IOActive, Inc.? Request a correction.