The return of the “pentester mindset”: ONELEET raises 33 million euros to rethink security through attack

For years, cybersecurity was built in defensive mode: firewalls, protocols, audits and certifications sought to build higher walls. A new generation of players, like Oneleet, is reversing the approach: to better protect yourself, you must first think like an attacker.

Founded in 2022 by Bryan Onel, Ora Onel and Erik Vogelzang, Oneleet was inspired by the world of pentesting to design a compliance and security platform built from the adversary’s point of view. The company starts from an observation widely shared among specialists: compliance is often treated as a formal exercise, a means of obtaining certification without concrete impact on the actual security of systems.

Artificial intelligence automates asset and vulnerability detection, while human experts validate, prioritize and contextualize threats. According to Oneleet, this method could identify up to 30% more assets compared to traditional compliance tools. The goal is no longer just to check audit boxes, but to continuously correlate real-world vulnerabilities to an organization’s attack surface.

This approach reflects a broader evolution in the sector with the shift from defensive cybersecurity to proactive cybersecurity. By combining automation and offensive expertise, these new platforms seek to bridge the gap between regulatory compliance and the technical reality on the ground.

Oneleet announces a 33 million euro (around $36 million) Series A round, led by Dawn Capital with the participation of Y Combinator, Frank Slootman (former CEO of Snowflake and ServiceNow) and Arash Ferdowsi (co-founder of Dropbox). This financing should enable the company to accelerate product development, expand its services and strengthen its technical and commercial teams.