About us

We're a pen-testing company founded by pen-testers

The model was broken

The idea came to us while working on a long project in the Middle East. As self-confessed ‘nerds’ our conversations always came back to problems with the Pen-testing industry. As we talked, the same fundamental problems kept coming up; antiquated engagement processes, cumbersome scheduling, long waits for even longer reports, and above all, terrible value-for-money.

The model was broken.

So, with time on our hands, we plotted a way to fix it. We would cut out the costly overhead of the middleman and allow clients to work flexibly with experienced, quality-assured pen-testers who wouldn’t cost the earth . We knew that without the financial pressure to cram tests into a couple of days, clients and pen-testers could work together over a longer period to achieve a much deeper level of security.

We built the client interface, recruited associates we respected, pitched our first client and haven't looked back...

Dave Hewson

Co-Founder & CEO

Dave held a variety of technical consultancy roles before moving into penetration testing over ten years ago. This broad experience included software development and load & performance testing.

His unique understanding of applications, languages and technical platforms and technologies, allows him to perform more thorough penetration tests.

Adam Luxford

Co-Founder & COO

Adam has a wealth of pentesting expertise gained in over 15 years at all levels of the IT Security industry. He started out in the Ministry of Defence helping establish their new Defensive Information Operations Branch.

In 2004 he was accredited as a CESG CHECK Team Leader - the UK's most highly-regarded qualification for a penetration tester. He has since delivered over 300 CESG CHECK IT security health checks for private sector clients.

Conor O'Neill

Co-Founder & Product development

Conor has been a pentester for over ten years. His past experience includes working as a web application and network infrastructure penetration tester at McAfee and Portcullis.

He has held roles as an Incident Response analyst with Barclays, and as an IT security consultant and forensics analyst with Rits Information Security.

Tom Lindley

Co-Founder & CTO

Tom has been working as a professional web developer for 9 years, with 3 of those spent in the IT Security industry.

He is an experienced developer having worked in both consultancy and development roles. His long term interest led him to the IT Security industry and he's not planning on leaving any time soon.

Gerard O'Donnell

Co-Founder & CMO

Gerard's background is in Marketing. He has worked in the Financial services, Media and the charity sectors. He has experience in creating engaging communications campaigns for corporate audiences.

He's passionate about creating practical tools that help business to change their behaviour.

Calum Boal

Security Consultant

Calum has been making and breaking software since he was 15. He graduated Abertay University with honours in Ethical Hacking and aged 20 he obtained OSCP and CRT.

Since then, he’s combined his coding background with a strong pen-testing skillset to compromise everything from mobile banking apps, to internal corporate networks.

Based in our Bristol office, he leads on security research, pen-testing and the development of our online portal.

Dan Roach

Software Developer

Dan’s background is in Artificial Intelligence and his experience has covered; data capture, analytics and presentation. His experience of the full development lifecycle has enabled him to build up a deep understanding of Java, Python and JavaScript.

Dan’s is for flair for creating user-friendly interfaces that make complex data simple for users to manage.

Working out of our Bristol office, he’s responsible for the design and development of our online portal and reports.

Calum Miller

Head of Strategic Partnerships

Calum started his career in IT managed services, where he covered the full product lifecycle from designing innovative products through to pitching and co-ordinating delivery.

Since focusing on pen-testing, he’s helped clients from City banks to tech start-ups prioritise their security needs and streamline their budgets.

Calum’s passion is for creating strategic partnerships that create a lasting improvement in security. Based in London, Calum is responsible for the development and delivery of our product growth strategy.

We’re Hiring!

We’re always looking for talented penetration testers to join our panel.

So if you’ve got an industry standard qualification (CREST, TigerScheme, OSCP) send a CV to: contact@onsecurity.co

Contact us

Get started now

Send us your email and we'll be in touch soon.