Critical Cloud has formed a strategic partnership with Tarian Labs to launch Continuous Runtime Security Validation, a service that enables fintech organisations to maintain ongoing assurance that production environments remain secure. The joint offering is designed to replace the limitations of periodic penetration testing with continuous validation that reflects the pace of modern cloud, application and AI change.
The collaboration brings together Critical Cloud’s Managed Runtime Assurance service and Tarian Labs’ practitioner-led offensive security expertise, built through work supporting government, defence and critical national infrastructure.
Managed Runtime Assurance provides continuous oversight of production applications, cloud platforms and AI systems, helping organisations maintain visibility, resilience, security, operational efficiency and regulatory readiness. Rather than ending with a report, security findings move into remediation, retesting and documented verification.
Continuous Runtime Security Validation combines Critical Cloud’s Datadog-powered managed operating model with Tarian Labs’ independent security assessments through an Observe, Detect, Validate approach. Critical Cloud manages monitoring, governance and operational visibility across production environments, while Tarian Labs delivers penetration testing, infrastructure reviews, cloud security assessments, web application testing, API testing and validation. Every issue progresses through remediation before being independently retested and confirmed as resolved.
Each organisation has clearly defined responsibilities. Tarian Labs remains responsible for testing methodology, findings, severity ratings and verification, while Critical Cloud oversees remediation and continuous runtime improvements. All work is delivered with customer approval, agreed scope, documented rules of engagement and controlled evidence management.
“Detection without validation is hope, not assurance,” said James Smith, CEO of Critical Cloud. “Security must be measured continuously, especially for regulated fintech organisations that operate in rapidly changing production environments.”
“Testing creates value when organisations can demonstrate that issues have been resolved,” said Kevin Hanford, Co-Founder and CEO of Tarian Labs. “This partnership connects independent testing with operational remediation and verification, helping customers prove that security improvements have been completed.”
The service is available immediately throughout the UK and Ireland. The companies also plan to introduce a packaged offering, participate in fintech events across Wales and launch a demonstration environment showcasing the Observe, Detect, Validate methodology under controlled attack conditions.
Critical Cloud is ISO 27001 certified, holds Cyber Essentials Plus accreditation, and is a Powered by Datadog accredited partner and Datadog Advanced Partner. Tarian Labs delivers services through CREST registered practitioners with sign-off at NCSC-recognised CHECK Team Leader (CSTL-INF) level.
