Founded in 2011 by a group of former local government IT professionals, Pentagull was born out of a desire to build software that truly understood the challenges faced by councils. Having worked inside local government, the founding team recognised the gap between suppliers and the public sector’s real-world needs.
When COVID-19 struck, Pentagull’s agility set them apart. Their bespoke booking system, once a niche product, became essential as local councils scrambled to reopen services safely through appointment-only systems. The company’s rapid growth during this period emphasises the importance of trust, resilience, and critically, security.
“We suddenly became much more high-profile,” says John Bent, Company Director and Lead Software Developer at Pentagull.
“We wanted to make sure our software was up to scratch from a security point of view, and our customers wanted verification that we were taking security seriously. That’s where OnSecurity came in.”
The Security Challenge
As a small but growing software company working closely with public sector organisations, Pentagull needed a reliable penetration testing partner who could deliver both technical excellence and commercial transparency.
The team had never undergone human-led penetration testing before, and with limited cybersecurity budgets, they needed a provider that could make the process simple, affordable, and accessible.
“We didn’t want to go with a huge company that wouldn’t understand our challenges as a small business. OnSecurity felt like the perfect fit, transparent, easy to work with, and incredibly responsive.”
The Solution
From the very first engagement, OnSecurity’s platform-first approach made the process seamless.
John recalls being impressed that he could get instant estimates and explore the platform even before speaking to a sales rep, a transparency that built confidence from day one.
The collaboration grew over multiple years, evolving into an annual testing partnership where Pentagull and OnSecurity’s teams worked hand-in-hand to strengthen the platform’s security posture continuously.
Accessibility also became a shared focus. John, who is blind, highlighted a few challenges with certain platform widgets early on, issues that OnSecurity’s development team swiftly addressed.
“Accessibility is a big factor for me, and sadly, it’s still not universal. Your team actually listened, made improvements, and within a couple of months, I had a version to test that worked perfectly. That gave me real confidence that if I ever spot something else, it’ll get sorted.”
Collaborating for Continuous Improvement
With a small team of three developers, Pentagull operates a tight workflow. When findings come through, they are ticketed internally, discussed, and resolved quickly, often before the test is even complete.
The real-time reporting and unlimited free retesting built into OnSecurity’s platform have saved significant time and cost.
“We’ve even had instances where our team fixed a finding and got it retested before the end of the test itself,” says John.
“The level of detail your testers provide, screenshots, reproduction steps, and explanations, means we rarely ever need clarification. It’s a massive time saver.”
Pentagull’s structured three-month release cycle ensures fixes are efficiently rolled out to all customers, and the integration of findings into their ticketing system has streamlined the remediation process.
The Results
The impact of OnSecurity’s platform and people has been clear:
- Faster remediation – Detailed findings and instant retesting have reduced turnaround times for fixes.
- Increased customer trust – Pentagull now shares pentest reports and remediation responses directly with councils, building confidence and transparency.
- Ongoing accessibility improvements – The platform continues to evolve with inclusivity at its core.
- Simplified annual testing – A trusted, repeatable process that supports Pentagull’s security and compliance goals year after year.
“We see OnSecurity as a trusted partner. Every test has been smooth, the communication has been excellent, and the transparency in pricing and process is second to none.”
Why Pentagull Recommends OnSecurity
“Most definitely, we would recommend, yes. The transparency, the quality of your people, and the thoroughness of your testers really stand out. You clearly understand our product because your findings make sense in context – you’re not just ticking boxes. It’s a genuinely collaborative relationship.”
John cites a recent example where OnSecurity’s testers identified a subtle form input bypass, an issue that could have been easily overlooked but demonstrated deep contextual understanding.
“Most definitely yes. The transparency, the quality of your people, and the thoroughness of your testers really stand out. You clearly understand our product because your findings make sense in context – you’re not just ticking boxes. It’s a genuinely collaborative relationship.”
“It gave us confidence that your testers were really putting our product through its paces and thinking critically about how it could be exploited.”
The Experience Summed Up
“Working with OnSecurity has been very low-stress, seamless, cost-effective, and incredibly professional. You’re dealing with very technical people on both sides, but the way it all runs just works. That’s why we’ll keep coming back year after year.”
