Paris, September 09, 2025 â YesWeHack, the global Bug Bounty and vulnerability management platform, has announced the acquisition of Sekost, an innovative player in the cybersecurity auditing space. This marks YesWeHackâs first-ever purchase of another organisation.
This acquisition also represents a major strategic step for Sekost, which can now leverage YesWeHackâs international reputation and commercial strength to enhance its offerings for SMEs and accelerate its expansion. Both Sekost and YesWeHack have enjoyed rapid growth in recent years. Sekostâs revenue has doubled in each of the past two years, while YesWeHack has been rapidly expanding for more than a decade.
A natural alliance built on shared values
YesWeHack and Sekost share a common history: Christophe Hauquiert, CTO and co-founder of Sekost, was a longstanding ethical hacker on the YesWeHack Bug Bounty platform. YesWeHack then became one of Sekostâs first clients, and the two companies established a technological partnership through which they integrated Sekostâs services into the YesWeHack platform.
YesWeHack and Sekost can now unite under a shared vision: combining innovation and technical excellence to deliver straightforward solutions with actionable, tangible results. They are also guided by common values and a culture built on hacking and offensive security, transparency and a human-centred DNA.
Exceptional potential to unlock
As part of YesWeHack, Sekost will maintain its autonomy while gaining access to new resources that can accelerate the development of its offerings for SMEs.
Through this acquisition, Sekost will benefit from:
- YesWeHackâs commercial strength and international reputation
- Operational reinforcement through the cross-functional expertise of Europeâs leading Bug Bounty platform
- Preferential access to new strategic markets and YesWeHackâs global enterprise clients
- Product convergence combining continuous diagnostics and ASM (Attack Surface Management) for even more comprehensive attack surface coverage
Concrete benefits for clients:
- An accelerated product roadmap, with a new continuous monitoring solution planned by the end of 2025 and integrated support for NIS2 compliance starting in 2026
- Enhanced support, greater scalability and an improved customer experience at all levels
- New distribution channels via a shared platform and an expanded YesWeHack solutions offering
- An enriched offering for YesWeHack clients through Sekost solutions and tangible synergies within the YesWeHack platform
Guillaume Vassault-HouliĂšre, CEO and co-founder of YesWeHack, states:
âThis merger brings together two cultures aligned around a common ambition: to provide the most advanced solutions to protect organisations of all sizes in a constantly evolving digital environment. It is also YesWeHackâs first acquisition, and we are delighted to contribute to the growth of a high-potential French company, which will remain based in France.â
LĂ©o Richer, CEO and co-founder of Sekost, adds:
âYesWeHack was first a client, then a partner, and today we take a historic step together. With YesWeHack, we go further and faster without losing our identity. Joining forces with one of the finest French cybersecurity companies is an extraordinary opportunity for our clients and our growth, and it marks the beginning of an exciting new chapter for our entire team.â
Image above: Leo and Christophe, co-founders of Sekost, which has just been acquired by YesWeHack
About YesWeHack
YesWeHack is a leading Bug Bounty and Vulnerability Management Platform. Founded by ethical hackers in 2015, YesWeHack connects organisations worldwide with more than 100,000 ethical hackers who uncover vulnerabilities in websites, mobile apps, connected devices and digital infrastructure.
The YesWeHack platform offers a range of integrated, API-based solutions: Bug Bounty (crowdsourcing vulnerability discovery); Vulnerability Disclosure Policy (creating and managing a secure channel for external vulnerability reporting); Pentest Management (managing pentest reports from all sources); Attack Surface Management (continuously mapping online exposure and detecting attack vectors); and âDojoâ (ethical hacking training).
YesWeHack complies with strict security, financial traceability and privacy requirements. YesWeHackâs services are ISO 27001- and ISO 27017-certified and accredited by CREST. YesWeHackâs infrastructure uses EU-based, GDPR-compliant private hosting that meets the most stringent standards: ISO 27001, ISO 27017, ISO 27018, ISO 27701 and SOC II Type 2. The YesWeHack platform is also permanently subject to a public Bug Bounty Program.
Find out more at www.yeswehack.com
Press contact:
We Talk Agency - Aurélien Rouby
+33 6 70 68 49 32
aurelien@wetalk-agency.com