Critical Cloud and Tarian Labs have announced a new partnership focused on helping fintech companies maintain continuous confidence in the security of production environments. Their jointly developed Continuous Runtime Security Validation service provides ongoing assurance as cloud infrastructure, applications and AI technologies change, addressing the shortcomings of traditional annual penetration testing.

The service combines Critical Cloud’s Managed Runtime Assurance model with Tarian Labs’ offensive security expertise, backed by experience across government, defence and critical national infrastructure programmes.

Managed Runtime Assurance delivers continuous operational management for production applications, cloud services and AI platforms, ensuring they remain secure, observable, resilient, cost-efficient and prepared for regulatory scrutiny. Rather than ending with a security report, identified issues move through remediation, validation and documented completion.

Continuous Runtime Security Validation integrates Critical Cloud’s Datadog-powered managed operations with Tarian Labs’ independent security testing in an Observe, Detect, Validate workflow. Critical Cloud provides runtime monitoring, governance and operational oversight, while Tarian Labs carries out penetration testing, cloud and infrastructure reviews, web application assessments, API testing and retesting. The resulting findings are addressed through remediation before being independently verified and documented.

The model preserves independence throughout the process. Tarian Labs is responsible for testing methodology, findings, severity ratings and retesting, while Critical Cloud leads remediation and continuous runtime enhancement. Every engagement is delivered under customer authorisation, agreed scope, documented rules of engagement and controlled evidence management.

“Detection without validation is hope, not assurance,” said James Smith, CEO of Critical Cloud. “Regulated fintech businesses need continuous confidence that production controls are working as intended, supported by an operating model that converts security findings into lasting improvements.”

“Security testing should deliver measurable outcomes rather than ending with a report,” said Kevin Hanford, Co-Founder and CEO of Tarian Labs. “By combining independent validation with operational remediation, we help customers demonstrate that identified risks have been effectively resolved.”

Continuous Runtime Security Validation is available immediately throughout the UK and Ireland, with a packaged joint offering planned for a later date. The partners also intend to participate in fintech events across Wales and launch a live demonstration environment illustrating the Observe, Detect, Validate cycle, including remediation, retesting and evidence of closure.

Critical Cloud holds ISO 27001 certification and Cyber Essentials Plus accreditation, and is recognised as both a Powered by Datadog accredited partner and Datadog Advanced Partner. Tarian Labs delivers engagements through CREST registered practitioners with sign-off provided at NCSC-recognised CHECK Team Leader (CSTL-INF) level.

 

Share.
Exit mobile version