PCA Cybersecurity

PCA Cybersecurity is a Vilnius-based offensive security boutique focused entirely on the automotive sector. The company was founded in 2019 and has built its reputation through hands-on vehicle and component research, including consistent participation in the Pwn2Own Automotive contest and a published catalogue of vulnerabilities disclosed to OEMs and Tier 1 suppliers.

PCA's service catalogue is purpose-built for UN R155 and ISO/SAE 21434 evidence. The firm delivers ECU and component-level penetration testing, full vehicle assessments, OTA backend testing, charging infrastructure and OCPP testing, TARA (Threat Analysis and Risk Assessment) workshops, mobile companion app reviews, and secure code review of automotive software. The lab in Vilnius houses bench setups for ECU testing, hardware debug tooling, software-defined radio gear for wireless work, and dedicated test vehicles.

PCA suits OEMs and Tier 1 suppliers commissioning R155 type approval evidence, suppliers under TISAX qualification, EV charging operators, and aftermarket connected-vehicle product manufacturers facing CRA obligations. Notable for delivering pen test reports mapped to ISO/SAE 21434 clauses and TARA outputs, which type approval authorities increasingly expect.