Toronto's Principal Penetration Testing Consultant
Principal-led penetration testing engagements from a practitioner with 20+ years of enterprise technology and cybersecurity experience. No outsourcing, no junior staff, no scanner-only deliverables.
Arturs Stay
The Expert Running Your Engagement
Cyber Security Pentesting Inc. is founded and led by Arturs Stay, Founder & Principal Penetration Tester, with 20+ years of enterprise technology and cybersecurity experience, including offensive security, penetration testing, cloud security, infrastructure, and regulated environments. Unlike larger consulting firms that staff engagements with junior analysts running automated tooling, every engagement here is personally led and technically executed at the highest level.
Arturs holds 15+ industry certifications, including OSCP, OSEP, CREST CRPT, CREST CPSA, CRTO, CRTE, CRTP, CARTE, CARTP, and PACES, across the full offensive security spectrum. These aren't paper certs. They reflect real-world adversarial tradecraft tested under time pressure in realistic environments.
The practice focuses on medium to large enterprises in financial services, healthcare, critical infrastructure, and regulated industries where real adversarial expertise is required, not compliance theatre. Clients receive direct access to the practitioner conducting their assessment.
Based in Toronto, Ontario, Canada. Serving clients across Canada, the US, and internationally. NDA available before any initial discussion.
We never outsource work to subcontractors or offshore analysts. When you hire Cyber Security Pentesting Inc., Arturs Stay is personally conducting your engagement from kickoff to final report debrief.
Recommended by the People
Who Have Worked With Arturs
16+ recommendations from security leaders, clients, and partners on LinkedIn, plus a 5.0 Google rating across 9 reviews. Read them, unedited, at the source.
About
Cyber Security Pentesting Inc.
Cyber Security Pentesting Inc. is a boutique offensive security consultancy headquartered in Toronto, Ontario. The firm provides enterprise penetration testing, red team operations, cloud security assessments, Active Directory and identity-attack assessments, AI red teaming, and adversary simulation for organisations whose security posture has to hold up under regulatory scrutiny and real attacker pressure. Core engagements include network infrastructure penetration testing in Toronto, covering external perimeter and internal network testing for enterprises across the GTA and Ontario.
Every engagement is principal-led. There is no junior staff running automated tooling and no offshore delegation. The practitioner who scopes the engagement is the practitioner executing it, signing the report, and answering questions during remediation. Clients work directly with the consultant rather than through an account-management layer.
The practice serves medium to large enterprises in financial services, healthcare, critical infrastructure, SaaS, and other regulated industries across Toronto, the Greater Toronto Area, Ontario, Canada, and select international clients. Engagement deliverables include executive summaries mapped to business impact, technical findings with reproduction steps, compliance framework references where relevant (PCI DSS, SOC 2, PIPEDA), and a remediation re-test pass within 60 days at no additional cost.
Engagements begin with a scoping call under NDA. No detailed environment information is requested until an NDA is in place.