Packetlabs

Packetlabs is a CREST-accredited and SOC 2 Type II attested penetration testing firm headquartered in Mississauga, Ontario, with a US presence in San Francisco. Founded in 2011, the company employs a 95% manual-first testing approach led exclusively by OSCP-minimum certified ethical hackers, guaranteeing zero false positives. Every Packetlabs engagement is delivered by staff consultants, the firm does not subcontract, and findings are hand-triaged by a second analyst before the report leaves the shop, giving the delivery model a consultancy feel more typical of firms ten times its size.

Packetlabs derives its methodology from the SANS Pentest Methodology, MITRE ATT&CK framework, and NIST SP800-115. Their services span infrastructure, web and API, cloud, mobile, red team and purple team engagements, social engineering, and OT/IoT testing. Their adversary simulation service replicates real-world threat actors to evaluate how well organisations' people, processes, and technology hold up under sustained attack. Packetlabs is one of a small number of Canadian providers with the depth to support PCI DSS 4.0 segmentation testing, SOC 2 supporting pen tests, and OSFI B-13 alignment in a single engagement.

The firm focuses on North American clients, with particular strength in financial services, healthcare, and technology sectors. Packetlabs publishes regular technical research through its blog and webinar series, and the company has built a reputation as a trusted partner for Canadian banks, insurers, and regulated fintechs that require domestic data handling and OSFI-aligned reporting. The firm's size and cultural fit make it well suited to mid-market and enterprise clients that want consultant-led depth without the overhead of working with a global Big Four firm.