Amsterdam-based cybersecurity firm Oneleet raises a Series A funding round to expand its platform that integrates security and compliance.


Contentlockr

Amsterdam-based Oneleet, a cybersecurity platform that delivers both compliance and security, has raised $33M (nearly €28.14M) in a Series A funding round.

The company is developing a platform that consolidates security tools and automates compliance processes. Oneleet’s approach focuses on building security systems that meet operational needs first, with compliance achieved as a result of those practices.

The round was led by Dawn Capital, with participation from Frank Slootman, former CEO of Snowflake and ServiceNow, Arash Ferdowsi, co-founder of Dropbox, Y Combinator, and several technology founders and CISOs.

Bryan Onel, CEO of Oneleet, says, “From our first call with Dawn, we knew we’d found the right partner. They understood the space deeply and immediately grasped what we’re building: compliance as the wedge, security as the substance. Their conviction, professionalism, and enthusiasm were evident from day one—Henry Mason was on a plane from London to San Francisco within 24 hours to meet in person.”

“Frank Slootman, Arash Ferdowsi, and our CISO and founder angels bring invaluable experience scaling transformative companies. We couldn’t be happier with the partners joining us as we build Generation 2 of security platforms.”

Bridging the gap between compliance and security

Many companies pursue SOC 2 and ISO 27001 certifications to secure contracts. In practice, compliance is often treated as a sales exercise rather than a security measure. Organisations run minimal scans labelled as penetration tests, create fake tabletop exercises, and collect screenshots to meet requirements. This produces certification documents but leaves systems exposed.

The founders of Oneleet, who spent years conducting penetration tests against large corporations and government agencies, observed that certified companies were still breached quickly. The repeated outcome showed that the current compliance system prioritises passing audits over preventing attacks.

Oneleet was created to address this gap by combining compliance and real security into one approach, removing the need for organisations to choose between the two.

Integrating security tools into one system

Oneleet helps companies meet SOC 2, ISO 27001, and other compliance standards by focusing on security first. The approach begins with building strong security systems, with compliance achieved as a natural outcome rather than through checklists.

The platform combines services that usually require multiple vendors—such as penetration testing, code scanning, cloud posture management, attack surface monitoring, mobile device management, and security training—into one system. 

By developing and managing these tools internally, Oneleet can provide end-to-end security through a unified platform.

Oneleet’s approach accelerates compliance by providing all essential security tools in one platform, reducing the time companies spend setting up and adopting multiple systems. It guarantees audit outcomes by maintaining standards that exceed auditor requirements and verifying them through its AI team. 

The platform’s integrated design removes gaps that often arise from using fragmented tools, and Oneleet assumes full responsibility for the entire security process by controlling the whole stack rather than relying on third parties.

Bryan Onel, CEO of Oneleet, says, “We use AI extensively—but responsibly. AI works in the background for threat modeling and risk assessments, but clients never see hallucinations because we verify everything first with human expertise, where technology falls short.”

“The proof is in outcomes: We regularly win customers from major competitors after those companies lost deals due to inadequate security. We implement real security, and they close the deals they previously couldn’t.”

Capital utilisation

Oneleet has reached eight-figure revenue through organic growth, without using its seed funding. 

The new funding will be used to expand the engineering team with security specialists, invest further in AI across multiple cybersecurity areas to deliver expert-level security feedback that is faster and more consistent, and scale proven go-to-market channels. 

The company’s focus is on building a complete, unified platform for security and compliance, based on the belief that compliance alone is not enough.