Our Story

Security Reporter is built by pentesters in Leiden, The Netherlands, who know the pain of endless Word revisions, version mix-ups, and all the friction that slows down real-world security work. In 2020, we set out to build a better way. But our story didn’t start there.

From Secure Development to Ethical Hacking

In 2012, DongIT was founded as a web development company with a clear mission: to build secure and privacy-sensitive applications from the ground up. At the time, most companies treated security as an afterthought—something that could be "added" later. But we believed in security by design, long before it became a security must-have. 

As more companies were hacked each year, and security awareness grew, we were increasingly drawn into offensive security. Clients came to us not only to build systems but also to break them. Our work naturally evolved from development to ethical hacking, with penetration testing becoming our core focus.

The Bottleneck: Reporting

The more assessments we completed, the more obvious it became that reporting was holding us back. Reuse was clunky, collaboration was messy, and clients were often stuck waiting until the final report to take action. For a field that demands speed and precision, it made no sense.

In 2020, we began developing Security Reporter, driven by our frustrations with legacy reporting tools. It needed to automate repetitive tasks, support client interaction, and facilitate better collaboration throughout the engagement—all while delivering high-quality service grounded in security standards and best practices.

Security Reporter enabled us to handle more assessments, deliver higher-quality results, and remove the friction that held us back.

A Different Approach

We're proud to have built more than just a reporting tool. Security Reporter improves the entire security assessment process—from how findings are documented to how teams collaborate and take action. Unlike other tools that bolt reporting onto outdated workflows, we took a different approach, shaped by our own experience in the field.

We're convinced Security Reporter will help your security team move faster, stay organized, and spend more time doing what matters: improving security.

Reporter enables our security researchers to effectively perform more pentests than before, due to easy setup of report structures and re-use of previous submissions.

Michael C., Chief Technology Officer
Certified company

Certifications

To ensure we meet the highest standards, we are ISO 27001 certified, demonstrating that our information security management is audited and compliant with international standards. We also hold the CCV Pentest certification, the Dutch standard for high-quality penetration testing services. Together, these certifications confirm that our processes are verified to protect client data, meet regulatory requirements, and deliver reliable results.

Partner logos

Partners

We’re actively involved in the cybersecurity community and are a proud partner of Security Delta (HSD) and Cyberveilig Nederland.