CARDIFF, UK, July 14, 2026 – Critical Cloud and Tarian Labs have entered into a strategic partnership to help fintech businesses continuously validate the security of live production systems. Their new Continuous Runtime Security Validation service replaces the limitations of annual penetration testing with ongoing verification that keeps pace with software releases, cloud updates and AI deployments.
The offering combines Critical Cloud’s Managed Runtime Assurance service with Tarian Labs’ offensive security expertise, developed through work supporting government, defence and critical national infrastructure organisations.
Managed Runtime Assurance provides ongoing operational management for production applications, cloud platforms and AI environments, helping organisations maintain security, resilience, visibility, cost control and regulatory readiness. Rather than producing a static assessment, security findings become part of a continuous process of remediation, validation and documented resolution.
Continuous Runtime Security Validation integrates Critical Cloud’s Datadog-powered operating model with Tarian Labs’ offensive testing capabilities using an Observe, Detect, Validate cycle. Critical Cloud delivers operational oversight and monitoring across production cloud and AI environments, while Tarian Labs independently performs penetration testing, cloud and infrastructure assessments, web application testing, API security testing and verification activities. Results feed directly into remediation, retesting and evidence that corrective actions have been completed.
The alliance preserves independent responsibilities throughout the engagement. Tarian Labs controls testing methodology, findings, severity ratings and retesting, while Critical Cloud leads remediation and runtime optimisation. All work is conducted under customer approval, agreed scope, documented rules of engagement and secure evidence management.
“Detection without validation is hope, not assurance,” said James Smith, CEO of Critical Cloud. “Financial technology companies require more than a report that is out of date as soon as production changes. They need ongoing evidence that security controls continue to perform effectively.”
“Producing a report is only one step in the security process,” said Kevin Hanford, Co-Founder and CEO of Tarian Labs. “By combining independent testing with operational remediation, we help customers move from identifying vulnerabilities to proving they have been resolved.”
The new service is available immediately throughout the UK and Ireland. A packaged joint offering is planned, alongside fintech events in Wales and a live demonstration environment highlighting the Observe, Detect, Validate process through controlled attack scenarios, remediation, retesting and evidence collection.
Critical Cloud holds ISO 27001 certification, Cyber Essentials Plus accreditation, and is recognised as both a Powered by Datadog accredited partner and Datadog Advanced Partner. Tarian Labs delivers services through CREST registered practitioners with sign-off at NCSC-recognised CHECK Team Leader (CSTL-INF) level.




