Best Security Audit Companies in 2025
Discover the best security audit companies from our curated and opinionated list of independent cybersecurity research and penetration testing companies.
Written by
mail1.braxo.se Team
![Verified]()
Published
6/1/25
Time to read
Less than 5 minutes
Foreword
We have been evaluating security research companies to conduct audits of our source code on GitHub and server infrastructure – and decided to share our findings.
Please note that the companies listed below are not in any particular order, but they have all consistently shown high-quality work during our evaluation period over the past few years.
Cybersecurity Audit and Penetration Testing Companies
| Name | Website | Location | Description | Publications | Our Favorite Publications |
|---|---|---|---|---|---|
| Cure53 | https://cure53.de/ | Berlin, Germany | "Fine penetration tests for fine websites" | https://cure53.de/#publications | Mullvad Servers, Mullvad Apps/API, Mullvad Servers |
| Radically Open Security | https://www.radicallyopensecurity.com/ | Amsterdam, The Netherlands | "Non-Profit Computer Security Consultancy" | https://github.com/radicallyopensecurity/ros-website/tree/main/ros-public-reports | F-Droid, Tauri, Mullvad VPN |
| Assured AB | https://www.assured.se/ | Gothenburg, Sweden | "Experts in technical cybersecurity" | https://www.assured.se/publications | Mullvad Email Servers, Mullvad API, Mullvad DNS |
| Trail of Bits | https://www.trailofbits.com/ | New York, New York, United States | "We don't just fix bugs, we fix software." | https://github.com/trailofbits/publications | Homebrew, Hey, cURL |