Company history/background
The platform was developed by a team with an exceptional combination of expertise: a psychologist with a PhD and a highly experienced IT specialist. Based on the conviction that cybersecurity is not just a technical issue but primarily a human behavioral problem, a scientifically based methodology has been translated into a modern, scalable SaaS platform.
The development took several years, during which the Q methodology—an established scientific research method from psychology—was adapted and validated for application in cybersecurity. The result is a fully operational platform ready for commercial rollout.
The reason for the sale is clear: the founders possess excellent scientific and technical capabilities, but lack the commercial clout to launch the platform on a large scale. Therefore, the company is seeking a buyer who can translate this strong foundation into commercial success.
Company activities
B2B SaaS platform that helps employers measure employee cybersecurity resilience . Core activities:
Scientifically proven risk profiling per employee and department/company based on susceptibility to phishing, social engineering and data leaks
Automated cluster analysis that identifies behavioral patterns within teams, with AI-generated management reporting and recommendations
Unique Q-Methodology assessment: card sorting test with 42 statements that provides a more in-depth picture than traditional questionnaires
Multi-tenant architecture suitable for direct sales and white-label/reseller deployment by IT service providers and security companies
Multilingual (NL/EN), easily expandable
The methodology enables targeted application of cybersecurity training , as well as measuring the effectiveness of training and (very topical) identifying employees at risk of becoming victims of cybercrime.
Unique selling points
Scientific basis : actually measures behavioral patterns via Q methodology, not a simple awareness quiz
Unique intellectual property : validated test items, scoring algorithms, and methodology are transferred. Not available elsewhere, significant barrier to entry
From measurement to action : Automatically identify risk clusters with AI-generated management reporting and prioritized action items
Scalable revenue model: one-time and subscription prices, differentiated by volume, from SME to enterprise
NIS2-relevant : direct fulfillment of the legal obligation to demonstrably work on cybersecurity awareness
Modern technical foundation : Rails 8, PostgreSQL, enterprise-grade multi-tenancy, fully documented
Other
Fully developed and operational – no further development costs required before launch.
The transfer includes: full source code and documentation, intellectual property (methodology, test items, algorithms), technical infrastructure, deployment configuration and scientific substantiation.
Founders are willing to undergo a transition period and/or further development/integration. Multi-tenant architecture supports a very large number of customers without modification.
The ideal buyer has commercial clout in B2B, preferably with an existing network in IT security, HR technology, or compliance services. Consider ISO 27001 or IT service providers, MSSPs, HR consultancies, or compliance advisors who offer the platform as a supplement to their portfolio. Experience with SaaS sales to SMEs/enterprises is a plus.
A strategic buyer can directly integrate the platform into an existing proposition and accelerate revenue generation.
Personal data
- MBI candidate
- Strategic acquisition