Picus Security Inc.

Picus Security, founded in 2013, is a cybersecurity company specializing in Breach and Attack Simulation (BAS) and continuous security validation. The company's core mission is to help organizations understand and improve the effectiveness of their security controls, thereby enhancing cyber resilience and fostering a threat-centric approach to security decision-making. While its legal headquarters are in Wilmington, Delaware, Picus Security also maintains a significant operational presence in San Francisco, California, and has offices across multiple continents.

Picus Security offers the Picus Complete Security Control Validation Platform, which unifies exposure assessment, security control validation, and exposure validation. This platform simulates real-world cyberattacks across network, endpoint, and cloud environments to identify security gaps, evaluate prevention and detection systems, and provide vendor-specific mitigation recommendations. Key offerings include Exposure Validation, Security Control Validation, Attack Surface Management, Attack Path Validation, Detection Rule Validation, and Cloud Security Validation. The company has also integrated AI-powered breach simulation features, including the Numi AI assistant, to enhance its capabilities.

In recent developments, Picus Security completed a $45 million Series C funding round in 2024, led by Riverwood Capital, bringing its total funding to $80 million. The company launched its Exposure Validation system in 2025 and released its Blue Report 2025, which highlighted a decline in defensive effectiveness against cyberattacks. Picus Security is recognized as a leader in the Breach and Attack Simulation and Adversarial Exposure Validation markets, with a high customer recommendation rate. The company's leadership includes co-founders H. Alper Memiş (CEO), Volkan Ertürk (CTO), and Süleyman Özarslan (VP of Picus Labs).