Security at the speed of threat

Crimson7 was founded at the end of 2024 by 7 professionals who have been working together for many years and saw an opportunity in the market to do better. C7 Crimson7 is a threat research lab focused on attack intelligence and offensive research

80% of the attacks these days are using a form of unknown attack payload or defense bypass. If you are a client partnering with a company which is not investing in research, you are missing out on a couple of tricks. And if you are a company delivering services to clients and are not spending time researching, you are not playing at the forefront of innovation and relying on companies like us for tradecraft, methodologies and tools.
More than 20% of our time has been dedicated to research and as a result of that we have brought 2 innovative managed services to the market and 3 custom tools. And that is just the beginning

HackerFlow is a specialized Purple Team tool that focuses on advanced TTPs (Tactics, Techniques, and Procedures) to emulate threat actor attacks on client’s environments. Unlike most other tools we go beyond powershell attacks and focus on advanced attacks such as in-memory. Furthermore we are also integrating the remediation part in the tool which oftentimes gets forgotten by providing Detection & response-as-code (DRaC) which clients can immediately implement in the environment, making sure they will detect and can respond to similar attacks immediately.

7hunter is a platform for which you can manage and automate threat hunting.
Our platform will allow you to run queries by runbooks, threat actor or MITRE Attack Flow. In addition you can also connect it to your SIEM and run live investigations of current or past incidents.
Thanks to our hunter AI agent, our tool also allows for usage of lesser skilled operators not knowing on what to focus on as you can query “I am a SOC analyst of a Belgium manufacturing company with technology stack X,Y,Z. Please draft a runbook for me which I can run over the next few days”.

Both of our tools are integrated with the category leader of threat-led defence, Tidal Cyber, making sure that we are ingesting attackers procedural intelligence and can help operators focus on what is truly relevant to them.

To determine the market size we went with 2 approaches.
1) Top down: starting from all the available analyst reports out there determining the global market for ethical hacking tools which is expected to grow to 3BN USD in 2030.
2) Bottom up: starting from our license model and multiplying that with our ICP (ideal customer profile). Our tools mainly focuses on any company under DORA (22K companies in EER), banks (5K) and any company having their own SOC (Security Operations Center). In addition, our tool amplifies MDR technology so we are also heavily relevant to integrate into an MDR provider stack
The direct market (DORA) is expected to stagnate over the next years with limited growth. Our indirect market (partners) is expected to grow significantly as more players will be challenged by their clients for better cyber protection.

The market for automated ethical hacking tools is expected to grow significantly in the next years as attackers are moving faster and more automated than ever, combined with an increasing shortage of analysists capable of monitoring environments. The future is in hybrid combining human intervention with automated tools.

Currently we have 13 FTEs of which 7 are the original founders.
Of those 12 resources, we have 3 externals:
1x coach/mentor for our development team
1x evangelist/customer advisory board lead to make sure we are building our products from the customer experience backwards
1x freelance SaaS marketeer helping us with product marketing

4 employees: 3 developers and 1 researcher/Offensive security consultant

The original 7 have professionally be working together in a variety of companies the past years and a track record of being involved in bringing innovative services to market thanks to our research mindset.

Research is at the core of everything we do, and this is where most other organizations fail. 80% of the attacks these days are using a form of unknown attack payload or defense bypass. If you are a client partnering with a company which is not investing in research, you are missing out on a couple of tricks. And if you are a company delivering services to clients and are not spending time researching, you are not playing at the forefront of innovation and relying on companies like us for tradecraft, methodologies and tools.

In 2025 we got a VLAIO innovative subsidy granted, proving the innovative character these tools have.
In Q4 last year we got picked up by Tidal Cyber, which is a global US company focusing on adversary procedural intelligence. They are, and will become a major player and we are providing as first integration partner
In 2025 we brought 5 tools to market. 3 of them are freemium community tools to create brand awareness. The other 2 are 7hunter and Hackerflow which will be transformed into full blown SaaS products.
We are serving clients all over the world.
Our biggest sector is Financial Services.
Thanks to our threat hunting services, we have been in contact with the FBI and Swiss NCSC.
We published over 12 threat hunting runbooks, including those covering APT activities