Kroll

Kroll is a global risk and financial advisory firm that traces its origins to 1932 as a corporate-investigations pioneer and today employs roughly 6,500 professionals across more than 30 countries. The firm's cyber risk practice, built around Kroll Responder MDR, Kroll Artifact Parser and Extractor (KAPE), and a 400-plus-person investigations bench, handles thousands of incident response cases each year, giving its offensive team an unusually direct feedback loop from live attacker behaviour into penetration test scoping.

Kroll's offensive services include application, network, cloud, wireless, and mobile penetration testing, red and purple teaming, adversary simulation, assumed-breach, and ransomware tabletop exercises. Kroll is accredited as a PCI QSA, PCI Forensic Investigator, and ISO 27001 certified, with SOC 2 Type II attested services. The team is frequently engaged for IR-led pen tests, engagements that start from threat-actor TTPs Kroll has already observed against the client's industry peers.

Kroll is best suited to financial services, insurance, legal, and regulated enterprises that already use the firm for financial advisory, litigation support, or incident response, and that value continuity between IR, litigation, and offensive testing. Its breadth is a strength for multi-jurisdictional programmes but pricing and governance overhead make it a less natural fit for SMBs.