Oneleet Inc.,  an integrated compliance platform that combines cybersecurity services, said today it has raised $33 million in early-stage funding led by Dawn Capital.

Investors also participating in the Series A round included Y Combinator, former Snowflake Inc. and ServiceNow Inc. Chief Executive Frank Slootman, Dropbox Inc. co-founder Arash Ferdowsi and several other leading founders.

Oneleet consolidates a comprehensive range of security tools into one solution, including penetration testing, code scanning, cloud security posture management, attack service monitoring and security training. These tools are coupled with audits and expert guidance to bring companies into compliance with certifications such as SOC 2 and ISO 27001, as well as regulatory frameworks like the Health Insurance Portability and Accountability Act in the United States and the General Data Protection Regulation in Europe.

“[T]he way most achieve compliance has become pure theater,” said CEO Bryan Onel, an ethical hacker turned entrepreneur. “The industry treats compliance as a sales requirement — something to check off and move on from.”

For over a decade, Oneleet’s founding team has demonstrated that such an approach does not create real security. A Fortune 500 company might achieve ISO 27001 certification, which requires robust information security management procedures, yet still succumb swiftly to penetration testing.

Penetration testing, simulated cyberattacks conducted by security professionals, exposes vulnerabilities, misconfigurations, user risks and other exploitable flaws. It can both validate defenses and reveal weaknesses.

However, it doesn’t need to be that way, Onel said.

“Instead of starting with a checklist where you tick boxes to meet bare minimums, we start by implementing real security,” he explained. “Effective security automatically leads to compliance — not the other way around.”

Oneleet starts with a cybersecurity suite of tools and processes that continuously scan systems from an attacker’s perspective, finding vulnerabilities before they can be exploited. Alongside that, companies receive a system for managing policies, automating compliance and tracking risk. With all that in place, Onleet provides experts to conduct formal penetration tests to reveal any gaps, making the system genuinely secure.

Rivals in the market include Vanta Inc. and Secureframe Inc., both of which focus primarily on compliance automation. Onel maintains that while much of the industry prioritizes evidence collection, Oneleet seeks to embed a comprehensive security apparatus that serves up compliance as a natural by-product.

The company’s approach comes at a time when malicious actors are escalating their capabilities with artificial intelligence. A recent report from Secureframe warns that generative AI now enables attackers to scale social engineering campaigns, fabricate deepfakes and build sophisticated malware capable of evading detection.

Enterprises themselves are adopting AI, yet their defenses lag behind. The average cost of a security breach rose to an estimated $4.4 million this year, according to IBM’s Cost of Data Breach Report for 2025. Almost 97% of organizations reported an AI-related security incident and a lack of AI access controls, with 63% stating that they lacked comprehensive governance polices for managing AI.

The company stated that it will use the funding to expand its engineering team by adding security experts and investing in more artificial intelligence across various cybersecurity domains to provide more immediate expert-level feedback.

Oneleet already uses AI extensively in the background for threat modeling and risk assessments. The company stressed that clients never see hallucinations because humans remain in the loop to verify outcomes when the technology falls short.

Image: Flickr