Expo
This edition the Expo will be themed “Made in Europe”. A variety of of 30 organisations will showcase their innovations here contibuting to Europe’s competitiveness and resilience.
Below you find the exhibitors list in alphabetical order.
Exhibitors list
AdversIQ
75% of companies were hit by a supply chain attack last year. Every company has a digital supply chain, and every company is part of someone else’s. You probably know your ten direct suppliers, but the two hundred to four hundred behind them stay in the dark. Nobody expects another dependency to be critical for their operations, until it is.
AdversIQ looks at your environments the same way adversaries do, from the outside-in. You get an attacker’s perspective of your organisation and its supply chain, so you can start taking control of your digital risks.
Taking control starts with having insights.
ARMA Instruments
ARMA Instruments addresses the critical gap between “secure messaging” and real operational security.
Organizations today rely on encrypted tools, yet remain exposed through metadata, network dependency, and device vulnerabilities. This creates several persistent risks:
- Targeting despite encryption
Even when content is secure, communication patterns reveal who is talking to whom, when, and where.. enabling tracking, profiling, and physical targeting. - Centralized infrastructure risks
Most solutions depend on servers, creating single points of failure, interception, and large-scale compromise. - Persistent identity exposure
Static identifiers (e.g., IMSI/IMEI) allow long-term tracking of individuals and assets across networks. - Future decryption threats
Sensitive data intercepted today can be stored and decrypted later (“harvest now, decrypt later”). - Device-level vulnerabilities
Standard smartphones introduce attack surfaces via radios, interfaces, and complex software stacks. - Operational fragility in high-threat environments
Communications can be disrupted, intercepted, or used against the user in conflict or crisis scenarios.
ARMA solves these by removing metadata leakage, eliminating centralized dependencies, introducing dynamic identity, and hardening both the device and communication layer.
The result: organizations are no longer just protecting messages.. they are protecting people, operations, and decision-making in adversarial environments.
Awareways
Founded in 2012, Awareways operates on a fundamental principle: sustainable cyberresilience is fundamentally driven by human behaviour. Technology and processes only create impact when they are workable and understandable for the people using them. We bridge the gap between social psychology and cybersecurity to facilitate the transition from passive awareness to verifiable behavioral change.
To address the limitation of traditional, compliance-driven methods, we developed Wave: a strategic platform for security behavious management. Built on the philosophy that sustainable resilience occurs at the intersection of technology, processes, and people, Wave has been iteratively refined through intensive application within high-stakes environments since its launch in 2022. This platform serves as the operational backbone for organizations such as the Dutch National Police, various ministries, and multinationals like Heineken and VodafoneZiggo.
In line with the “Made in Europe” principles, we develop our solutions entirely in-house and host our platform locally in the Netherlands. This ensures digital sovereignty, keeping all (behavioral) data within the European legal framework. By controlling our software and hosting infrastructure, we offer a transparent, autonomous and demonstrably European foundation for cyberresilience.
Beyond Products
Beyond Products is the first marketing agency in the Netherlands dedicated specifically to security and IT. We translate buyer research into positioning and go-to-market strategies for organisations such as KPN, Northwave, Ubiqu, Sentyron, DIVD, CCRC & Fraudehelpdesk.
Our work is powered by Security Innovation Stories, a platform where CISOs, CIOs and security decision makers across Europe share their thoughts on innovation, challenges and what drives their decisions. It captures what security leaders genuinely think, in their own words, read by more than 2,000 visitors every month. The platform exists because Europe produces strong security technology, but too little of it reaches the market successfully. Security Innovation Stories was founded to close that gap, by making the voice of the buyer visible to the vendors who need to hear it, and vice versa.
Visit our stand to hear what 300+ security leaders told us, or to share your own story as a guest on the platform.
Brightlyn
Brightlyn – Making cyber security and regulation actionable
In today’s digital landscape, organisations face increasing pressure from cyber threats and rapidly evolving regulations such as NIS2 and DORA. Many know what is required, but struggle to translate these obligations into practical action.
Brightlyn helps organisations turn cyber security and regulatory compliance into a strategic advantage. We combine deep expertise in cybersecurity, IT auditing, and regulatory frameworks to deliver solutions that are clear, pragmatic, and effective in practice. Our focus is not on ticking boxes, but on protecting the business processes that matter most.
From risk assessments and control frameworks to implementation support and independent assurance, we provide an end to end approach that strengthens resilience and builds lasting trust.
At ONE Conference, we go beyond advisory.
We showcase our GRC platform: a next generation solution that translates complex regulations into real execution. Instead of static frameworks and spreadsheets, organisations get dynamic workflows, real time insights, and AI supported guidance to prioritise risks, implement controls, and continuously demonstrate compliance.
No more guesswork. No more compliance theatre.
Just clarity, control, and speed built for organisations that need to move forward.
Visit our booth and experience how compliance becomes actionable.
Dawnguard
Dawnguard’s mission is to redefine cybersecurity with a platform that enables true shift-left security, from day zero to day 10,000. Dawnguard is a next-generation cybersecurity platform purpose-built for secure-by-design cloud architecture by integrating AI and automation into the earliest phases of system design and throughout the cloud lifecycle.
C-SOC
C-SOC (Cretan Security Operations Center) is a four-year project funded by the European Union and implemented by the Foundation for Research and Technology – Hellas (FORTH), aiming to strengthen cybersecurity resilience.
At Conference 2026 EXPO, C-SOC will showcase a range of innovative cybersecurity and threat detection solutions and services, including:
- Continuous monitoring and attack detection (EDR) for systems and endpoint devices, supported by active assistance and comprehensive security reporting.
- Threat Intelligence services based on honeypots and the analysis of real-world network attacks, providing actionable operational insights and preventive cybersecurity consulting.
- AI-powered analytics platforms and tools capable of identifying even low-profile and sophisticated threats in real time.
C-SOC combines applied research with operational expertise, enhancing the digital defense capabilities of public and private organizations while providing valuable intelligence for the prevention, detection, and management of cyber threats.
DMARC Advisor
Stop email fraud and reclaim control over your domain with DMARC Advisor, Europe’s leading authority on email security. In an era where phishing and spoofing remain the top vectors for cyberattacks, simply having a firewall is no longer enough.
DMARC Advisor empowers organisations to move beyond basic security by implementing the Domain-based Message Authentication, Reporting, and Conformance (DMARC) standard. Our mission is to make the complex world of email authentication transparent and manageable. Through our specialised platform, we translate massive amounts of raw data into actionable insights, helping you identify legitimate senders versus malicious actors using your brand’s reputation.
We don’t just provide a dashboard; we provide a roadmap to a “p=reject” policy, the gold standard of protection that ensures only authorised emails reach their destination. By securing your outbound mail, you protect your customers, improve your deliverability rates, and safeguard your brand’s integrity.
Visit our booth to discover why organisations like the EU, Rabobank, Achmea, PostNL, and many more trust us to navigate the DMARC lifecycle. Let us help you shut the door on impersonation and make the internet a safer place.
Secure your identity with DMARC Advisor.
DNV Business Assurance B.V.
Our Cybersecurity, Governance & Resilience Certification Programme offers a uniquely European approach to developing future-proof cybersecurity talent. Designed and governed entirely in Europe, this vendor-neutral certification ecosystem brings cyber defence, secure development, governance, continuity, privacy, and crisis leadership together into a single coherent capability framework.
Unlike fragmented, globally standardised certifications, the programme follows a role-based, vertically integrated pathway that enables professionals to progress from foundational to expert levels. All certifications are aligned with the European Cybersecurity Skills Framework (ECSF), providing organisations with clear, transparent competence levels directly mapped to EU regulatory expectations under NIS2, DORA and the Cybersecurity Act.
Rooted in European principles and grounded in principle-based educational thinking, the programme goes beyond checklists and procedures. All course material is created by active experts in the field. It develops professionals who demonstrate practical skills, sound judgement, ethical reasoning, and adaptive decision-making, all essential qualities in today’s complex threat landscape.
Originating in the Netherlands and building on expertise developed since 2008, the programme has become a leading European knowledge institute for cybersecurity and continuity certifications. For organisations seeking resilient teams, regulatory readiness and long-term digital sovereignty, the SECO-Institute programme delivers a trusted, distinctly European certification ecosystem.
EcleticIQ
Founded in 2014, EclecticIQ is a global leader in threat intelligence technology and services, empowering organizations to defend against advanced cyber threats in an ever-evolving digital landscape.
We partner with security teams globally, delivering our Intelligence Center™ platform to help cyber defenders make faster, smarter decisions against advanced cyber threats. At the core of our approach is the Intelligence Compass™, a groundbreaking capability which maps threats directly to each organization’s unique risk profile. By helping defenders focus on what truly matters, it reduces alert fatigue and ensures cybersecurity efforts align with strategic business priorities.
Trusted by governments and some of the world’s most targeted sectors including finance, telecommunications, aviation, and critical infrastructure, EclecticIQ’s combat- proven platform is designed by experienced defenders from the NSA, US Cyber Command, and Dutch Intelligence.
Intelligence Center™ provides a unified workspace for CTI and SOC teams, significantly reducing response times and operational complexity while meeting national security-grade standards.
Headquartered in Amsterdam with teams across Europe, North America, and APAC, EclecticIQ is building a safer digital future where businesses operate with confidence, resilience, and clarity in their cybersecurity posture.
Visit www.eclecticiq.com or follow us on LinkedIn and X for more information.
ESET Nederland
ESET, the largest European cybersecurity company from the European Union, delivering advanced digital protection for over 30 years. Our mission is simple: to prevent cyberattacks before they happen. By combining AI-driven technology with human expertise, we stay ahead of both known and emerging threats, protecting businesses, critical infrastructure, and individuals worldwide.
Our AI-native, cloud-first solutions cover endpoint, cloud, and mobile environments, and are designed to be both highly effective and easy to use. ESET’s award-winning technology includes advanced detection and response, ultra-secure encryption, and multi-factor authentication. In addition, our managed MDR and SOC services provide 24/7 real-time protection, supported by strong local expertise to keep organizations secure and operational without disruption.
With 11 global R&D centers and decades of cybersecurity knowledge, we are deeply committed to scientific research and reliable Cyber Threat Intelligence. This enables us to continuously innovate and respond to the rapidly evolving digital landscape.
Our core values; integrity, reliability, passion, and courage are at the heart of everything we do. We believe in a positive digital future and help people and organizations use technology safely to drive progress and growth, with social responsibility embedded as an integral part of our strategy and the way we operate through a strong global partner network.
Fox IT
TBA
Greenbone
OPENVAS, part of the German company Greenbone AG, has been developing open-source vulnerability management solutions for more than 15 years. Backed by the world’s largest vulnerability coverage and proven through long-standing collaboration with the German Federal Office for Information Security (BSI), OPENVAS is trusted by public sector organizations, critical infrastructure operators, and compliance-driven industries across Europe – built for today’s regulatory landscape.
Knowing where your vulnerabilities are is only the starting point. What organizations need is the ability to turn that data into decisions, documentation, and demonstrable control.
OPENVAS SECURITY INTELLIGENCE is the central management and intelligence layer for distributed vulnerability scanning, consolidating scan results, orchestrating distributed scan environments, and enriching findings with context from trusted intelligence sources, CSAF advisories, and SBOM analysis.
Built on an open-source foundation, it ensures full transparency, data sovereignty, and independence from non-European providers.
Hackify
Hackify is a Dutch cybersecurity company that helps organizations identify and reduce digital risks through offensive security, penetration testing and phishing resilience.
Through Pentests.nl, our dedicated pentesting label, we perform security tests on web applications, APIs, mobile apps, IT infrastructure, Active Directory environments, business networks, attack surfaces and DigiD-related environments. Our assessments combine automated analysis with manual testing and realistic attack scenarios, resulting in clear reports and actionable recommendations.
In addition to our security testing services, we develop practical innovations for emerging cyber risks. One of these innovations is https://redactprompt.com/, a browser-based solution that detects and protects sensitive information before it is shared with AI chatbots such as ChatGPT, Copilot, Gemini and Claude.
By combining hands-on security expertise with pragmatic tooling, Hackify helps organizations strengthen their security posture and use new technologies more securely.
Hadrian
Hadrian is an external exposure management provider that pioneered the AI attacker’s perspective approach. Its agentic engine offers frictionless always-on discovery, validation, and mobilization of organization’s most critical cyber risks.
Trained by elite hackers with top offensive knowledge, Hadrian adapts the organization’s unique environment to continuously probe, discover and validate the risks that attackers can actually exploit.
HarfangLab
HarfangLab is a global cybersecurity provider specializing in endpoint protection against known and unknown threats. Founded in 2018, HarfangLab detects 100% of attacks and neutralizes them on workstations and servers.
Its EDR was the first to be certified by the French National Cybersecurity Agency (ANSSI) and by the German Federal Office for Information Security (BSI). A Forrester Notable Vendor, HarfangLab protects hundreds of customers worldwide, including public administrations and companies of all sizes that depend on its EDR, EPP, and ASM solutions to secure their workspaces.
Your security, your choice: deploy complete detection and response via the Cloud, Hybrid, or On-Prem. The HarfangLab platform integrates natively with industry-leading security tools, leverages in-house AI, is fully operable via API, and ensures full transparency into data and detection rules – delivering strategic autonomy for SOC teams and the workspaces they defend.
Herocenter/Northwave
CyberHeroes security awareness programme developed in cooperation between HeroCenter and Northwave Cyber Security that helps organisations move from awareness to real, measurable behavioural change. Instead of focusing on one-size-fits-all training, CyberHeroes puts people at the centre, using psychology, storytelling and gamification to activate employees and make cybersecurity relevant to their daily work.
Employees learn through interactive, realistic scenarios, such as recognising and responding to phishing, making cyber risks tangible and directly applicable in practice. The programme adapts to different knowledge levels, ensuring that learning remains engaging, relevant, and effective for every individual.
CyberHeroes focuses on developing secure behaviour, not just knowledge. It enables organisations to measure growth and behavioural change through data-driven insights, while continuously updating content based on the latest threat landscape and frontline expertise of the experts from Northwave.
By embedding cybersecurity into everyday behaviour, CyberHeroes helps organisations build a culture where employees actively contribute to reducing human risk and strengthening overall resilience.
Key2XS
Key2XS – Identity Governance for Physical Access to Critical Infrastructure
Key2XS is a European cybersecurity software company that helps critical infrastructure organizations govern physical access with the same rigor as digital access.
Our platform acts as the Identity Governance Layer for physical access, connecting leading Identity and Access Management (IAM) solutions with smart key and locking systems. This enables organizations to manage access to substations, telecom sites, water facilities, rail infrastructure, data centers, and other critical assets through a single identity-driven framework.
As regulations such as NIS2 and CER increase the focus on accountability and resilience, organizations need full visibility into who has access to which assets, why they have access, and when that access should be revoked. Key2XS delivers this visibility through automated provisioning, policy-based access control, and comprehensive audit trails.
Built in Europe and designed for Europe’s critical infrastructure sector, Key2XS helps energy, telecom, transport, water, and government organizations reduce risk, strengthen compliance, and improve operational efficiency.
We believe that access is access, whether digital or physical, and that both should be governed by the same identity, policy, and security framework.
Keypasco
Keypasco offers a Multi-Factor Authentication solution built on Zero Trust Principles that integrates with FIDO2 and FIDO UAF Standards, providing highly secure, phishing resistant, password-less and origin-bound log-in experience.
Designed and developed in Sweden in 2011, with patents in 16 countries, today embedded in the European cybersecurity ecosystem through our European headquarters at the HSD Campus in The Hague.
Keypasco embraces the three most crucial pillars of Zero Trust Architecture:
- Identity Verification: Robust MFA / FIDO2 – FIDO UAF password-less authentication.
- Device Verification: Scans and store unique device properties on Keypasco authentication server for device verification at each login.
- Risk Assessment: Risk scoring of user device at each login, by device digital properties, geo-velocity check, if the device is compromised.
Today, our solution is used by more than 10 million users in 12 different sectors, including Finance and payment, eGovernment, Education, Enterprise hybrid workforce and supply chain:
- No PII stored: no valuable end-user information to steal.
- Support FIDO2 WebAuthn and CTAP protocols, Phishing resistant and mitigate faked website attacks.
- Sign What You See via second independent E2EE channel, mitigating MiTM, MiTB, AiTM attacks.
- For industry/services within critical infrastructure, Keypasco can fulfil strong ID-verification, Device-verification and Risk assessment.
Lanner
Lanner is a world-leading hardware provider in design, engineering, and manufacturing services for network and cyber security applications. Lanner provides CRA and IEC-62443-1 compliant solutions, designed for mission critical security operations. And now, made in Europe.
Mind Your Pass
Offensys
Organizations invest heavily in defensive capabilities, yet proving their operational effectiveness remains a systemic challenge. As technology environments and attacker tradecraft rapidly evolve, previously functional detections often silently regress. Traditional assessments provide valuable but point-in-time assurance, leaving security leaders without visibility into their day-to-day resilience.
Phantom's Lab
The new generation of cyber security awareness.
We go beyond compliance and make the step from check-the-box training to real behavioural change. With our award-winning combination of microlearning, gamification and storytelling, learning becomes engaging and fun.
www.phantomslab.io
Platform Internetstandaarden
Modern internet standards such as TLS, DMARC and security.txt make the internet more accessible, safer and more reliable for everyone. For instance, they protect against eavesdropping and phishing, and assist security investigators in reporting vulnerabilities in websites or IT systems. However, these standards are still underused and not always implemented correctly.
Internet.nl helps you check whether your internet is up to date. Do your website, email and internet connection use modern and reliable internet standards? If not, what can you do about it?
As well as offering a website for testing individual domain names, Internet.nl provides an API and a web-based dashboard for testing multiple domain names. More than 13 million tests were carried out using these tools in 2025 alone.
Internet.nl’s source code is publicly available under an open-source licence, enabling global reuse and encouraging collaboration. Websites such as top.nic.br (Brazil), sikkerpånettet.dk (Denmark) and internetkollen.se (Sweden) are based on Internet.nl’s source code.
Internet.nl is an initiative of the Dutch Internet Standards Platform, a public-private partnership between parties from the Internet community and the Dutch government that promotes the use of modern internet standards.
Q*Bird
Q*Bird is a Netherlands (Delft)-based leader in quantum secure communications, building ultra-secure networks that safeguard critical infrastructure today and prepare organisations for the quantum internet of tomorrow. Q*Bird serves critical infrastructure organisations across Europe including defense, finance and telecoms, securing their mission critical data against quantum threats.
Our unique technology enables ultra-secure communication networks for critical infrastructure and commercial use.
Q*Bird’s network technology uses the laws of quantum physics to provide proven secure cryptography keys that are immune to interception, ensuring your data remains safe from eavesdropping. Our Falqon® Series delivers a next-generation solution for Measurement Device Independent Quantum Key Distribution (MDI-QKD), offering unequalled security, scalability and flexibility without relying on trusted nodes, ensuring your data stays protected in transit, now and into the quantum future.
As we secure today’s networks against quantum threats, we are building toward the future, developing technologies that will enable the quantum internet, including connectivity solutions for quantum processors, modems and sensors. This ensures organisations are prepared for the advent of the quantum internet and ready to harness its full potential.
Join us at the forefront of quantum innovation and learn how the Falqon® Series can protect your organisation from data breaches and future-proof your network security against quantum threats.
Sectra
In an era of ever-increasing digitization and security threats, it’s more important than ever to have the appropriate security solutions in place for your organization. At Sectra, we understand your need for trustworthy and state-of-the-art secure communication systems for your daily operations, as well as for unexpected crisis situations.
For nearly 50 years, we have been a leading provider of secure communication solutions for defense organizations, civil authorities, and corporations.
Our NATO- and EU-approved products enable our customers to securely exchange confidential information and communicate—up to and including the TOP SECRET classification level.
Sectra’s secure communication solutions also allow your organization to facilitate collaboration nationally and internationally.
Based in Europe, we design, develop and produce all products here. We are proud to play a vital role in providing trustworthy and secure communication solutions that protect your most critical information.
Secure communication. Trusted since 1978.
Secu mailer
SecuMailer – Secure Email, Made in Europe
SecuMailer is a Dutch-owned SaaS platform for secure email, founded in 2017. As a Qualified Trust Service Provider (QTSP) under EU supervision, we are part of Europe’s critical digital infrastructure.
Our mission: deliver the most user-friendly secure email solution — combining strong security with ease of use, so recipients (citizens, patients, clients) need no technical knowledge to receive confidential messages.
What we showcase at ONE Conference 2026: This year, SecuMailer is available in the Dutch Private Cloud — eliminating dependency on US cloud providers and ensuring full cloud sovereignty. This innovation is already being piloted with government customers.
Key capabilities: Secure email, Qualified Registered eMail (qReDS), End-to-End encryption, Secure large file sharing, DLP, Mailmerge, and API integrations. We also have a mature Post Quantum Resilience strategy.
Compliance: NIS2, GDPR, DORA, eIDAS2, BIO2 — fully supported. Certified for ISO 27001, SOC 2 Type 2, NEN 7510, NTA 7516, and the ECSO label.
Trusted by Dutch government bodies, municipalities, healthcare organisations, and financial institutions.
SonicBee
Founded in the Netherlands in 2020, Sonic Bee is a boutique consultancy specialised in Identity and Access Management (IAM). With a team of over 30 IAM experts across the Netherlands and Germany, Sonic Bee helps organisations strengthen security, improve compliance, and enable digital transformation through modern IAM solutions.
Sonic Bee combines strategic advisory services with hands-on implementation and operational support across the full IAM lifecycle. Its expertise covers Governance & Strategy, Identity Management, Authorisation Management, Access Management, Privileged Access Management, and Managed IAM Operations. The company supports organisations in reducing cyber risk, automating identity processes, and gaining better control over access to critical systems and data.
By combining deep IAM expertise with strong technology partnerships, Sonic Bee delivers practical and scalable solutions tailored to complex enterprise environments. The company also provides broader security services, including security strategy, ISO 27001 implementation, and CISO as a Service.
TMPO
TBA