Oneleet already serves more than 750 customers, has surpassed $7 million in ARR, and reached profitability before raising the round.

Founded in 2022 by Bryan Onel, Ora Onel and Erik Vogelzang, Oneleet was created to close the gap between passing audits and being genuinely secure. Bryan spent years simulating advanced attacks and modelling defensive solutions for hundreds of companies as a “penetration tester” and vulnerability assessor. He grew frustrated after realizing most saw compliance as a checkbox exercise, while continuing to rely on existing “AI automation” platforms that were not truly securing their businesses – or on slow and expensive manual processes. 

Bryan Onel commented: "I kept breaking into companies that had just passed their SOC 2. That's when I realised the entire compliance industry was broken – it was helping companies fake security, not achieve it. Most compliance platforms are built by people who've never broken into a system and are helping companies check boxes, while missing the fundamentals that attackers will exploit.

“For example, AI autopilot may make you ‘compliant’ on paper, but it’s dangerous, ineffective ‘compliance theater’ that creates a false sense of security. So companies are spending time and money on meaningless activities while remaining completely vulnerable. We built Oneleet from the attacker's perspective, because we know what actually stops breaches. This means we offer what companies actually need at a cost-effective rate.”

“You’re only secure if a hacker can’t break in”

Oneleet was born after pentesting clients began asking Bryan to provide a compliance solution. He obliged, and the team was accepted into Y Combinator, receiving investment and fast becoming YC's most popular security compliance platform on release (2/3 of the YC portfolio are now Oneleet customers). Within three years, the company reached $7 million ARR with zero marketing spend, pulling in clients from incumbents.

Oneleet is unique in the space, delivering unparalleled technical depth, including its ‘AI+ pentester verification model’ that can detect 30% more assets than incumbents. Oneleet guarantees successful audits, and includes a proprietary integrations engine, code scanner, and attack surface monitoring tools. It operates a unified data model – as opposed to surface-level integrations – and is built to catch anything hackers would exploit.

"We call it the ‘pentester mindset: find what others miss’,” Bryan said. “This means we use AI extensively to scale what used to be manual expert review. AI doesn't have a security expert's intuition for what looks suspicious, which is why we augment, not replace, human expertise."

Oneleet chose to raise a Series A in order to rapidly capitalise on demand, accelerate the growth of the business and product development, expand its services, and support talent acquisition.

Henry Mason, Partner at Dawn Capital, said: “What makes Oneleet so compelling is not just what it does, but how it does it. Only recently has AI matured enough to automate the messy, human-heavy work of compliance and security. That shift delivers more than speed – it unlocks software-level gross margins and scalability in a market long dominated by services. Oneleet sits squarely in that inflection point: engineered for efficiency, yet able to deliver robust security at scale.”

“Oneleet’s superpower is its relentless customer obsession. We are thrilled to be supporting Bryan, Ora and Erik as they capitalise on their early success to build out the global category leader.”

For more startup news, check out the other articles on the website, and subscribe to the magazine for free. Listen to The Cereal Entrepreneur podcast for more interviews with entrepreneurs and big-hitters in the startup ecosystem.