Demonstrating Enterprise-Grade Security in Finance and AI
About the Client
Kaunt, based in Denmark, provides an AI-driven account coding engine that automates the invoice account coding process for enterprise finance teams. Operating in a high-trust environment, Kaunt serves organizations that demand strict compliance with frameworks like ISO and SOC 2, as well as a demonstrably mature security posture.
As Kaunt scaled its presence in the finance and AI sectors, security became more than just a requirement—it became a key differentiator.
Key Takeaways
Deep collaboration yields stronger results
Early context, clear communication, and technical engagement drive real security improvement.
Security is a trust asset
Third-party validation isn’t just for compliance—it helps close deals and earn long-term client confidence.
Transparency builds loyalty
Kaunt’s leadership valued our ability to deliver tough feedback clearly and to partner across technical and executive levels.
The Challenge
Security That Builds Compliance and Credibility
After reviewing multiple vendors, Kaunt selected Sekurno for our technical credibility, cultural alignment, and ability to tailor engagements to real-world business needs.
When Kaunt first approached Sekurno, they were looking for more than a checkbox exercise. Their goals included:
- Earning the trust of enterprise clients through transparent, defensible security practices
- Gaining actionable insights through high-quality penetration testing
- Fulfilling compliance requirements with ISO and SOC 2 standards
Our Solution
A Multi-Year Partnership Built on Trust and Depth
Our collaboration with Kaunt began in 2023 and has since evolved into a multi-year partnership. Initially focused on backend services, the scope expanded in 2025 to include additional systems and deeper threat modeling—reflecting Kaunt’s growing needs and their confidence in our work. From the outset, we prioritized technical depth, clarity, and strong communication. Key activities included:
Deep-Dive Reconnaissance
We conducted a thorough analysis of Kaunt’s application and infrastructure design, studying internal documentation, participating in demo sessions, and understanding business logic in detail.
Rigorous Planning & Threat Modeling
Our team decomposed the application, mapped data flows, and documented architectural and logic-layer threats. This allowed us to personalize the testing strategy and ensure we weren’t just checking boxes—but testing for real-world impact.
Automated Testing Using Enterprise-Grade Tools
We used SAST, DAST, and SCA tools to ensure broad coverage—followed by manual verification of automated results to eliminate false positives and focus on real risk.
Manual Pentesting & Code Review
We manually assessed the application using OWASP WSTG’s 130+ checks, combined with custom test cases derived from our threat model. This hybrid approach ensured we surfaced both common and business-specific vulnerabilities.
Reporting & Developer Enablement
Our final deliverables included:
- A comprehensive report tailored for both technical and non-technical audiences
- A live Q&A session with developers to explain findings, answer questions, and support secure remediation
- A follow-up test to verify that fixes were properly implemented and risks were mitigated
Results
From Compliance Confidence to Sales Enablement
Our partnership delivered outcomes that reached far beyond technical validation:
High Assurance—Even in the Absence of Critical Findings
Interestingly, we did not identify any critical vulnerabilities in Kaunt’s applications—a rare outcome in our experience.
But this didn’t reduce the perceived value of the assessment.
Finding nothing is only valuable if you trust how deeply someone looked.
Demyd Maiornykov
What mattered most was that Mads and his team saw our work as transparent, thorough, and clearly documented.
The clarity of our reports and the level of visibility provided during the process helped build trust—not just with Kaunt, but also with their enterprise clients.
Sales Enablement via Security Trust
Sharing parts of our report with prospects helped Kaunt establish credibility with large enterprise buyers. One client noted, “These guys know what they’re doing.”
Compliance-Ready Reports
Our work supported Kaunt’s ISO/SOC 2 readiness and reassured both internal and external stakeholders.
Increased Security Awareness Across Teams
Kaunt’s developers gained confidence from an external review of their work and left the engagement with greater security fluency.
A Growing, Multi-Year Partnership
In 2025, Kaunt returned for the second year in a row, expanding the scope to include:
- Frontend applications
- Key infrastructure components
- More advanced threat modeling tied to evolving business logic
They also recommended Sekurno to other companies within their group—further reinforcing the trust earned through results.
If you are going to invest in penetration testing, make sure it is more than just a formality. Work with a partner who helps you learn something from the process and improves your actual security. With Sekurno, we received useful feedback and our team became more security aware as a result.
Mads, CTO at Kaunt
Conclusion
Helping Finance and AI Innovators Lead with Security
For companies like Kaunt, working in regulated, data-sensitive environments, security is foundational. By partnering with Sekurno, Kaunt moved from “meeting standards” to demonstrating security maturity—earning trust from some of the most demanding clients in finance.
Want to Turn Compliance into Competitive Advantage?
See how Sekurno turns penetration testing into a strategic advantage for compliance, client trust, and long-term resilience.