Brian Onell's father was a locksmith. As for One, he described himself as a digital equivalent.
Ethical hacking was growing in One's hobby. He studied AI in college and changed his hacking hobby into a profession. “I spent 10 years with over 150 companies in all sectors,” One told TechCrunch, adding that it continues to easily infiltrate businesses that have passed security checks.
One has noticed that security often falls within two parentheses. He said it was painful but effective, or it was painless but ineffective. Most companies did the bare minimum in cybersecurity and compliance, as they often required a lot of work, tools and talent to provide effective security defenses.
One's client kept asking if he could provide a solution to their problem, so he tried it.
In 2022, he teamed up with his wife, Ora and university friend Eric Vogelzan to launch Oneleet, an all-in-one security compliance platform. Startups aim to help other companies get security certifications and become faster and safer.
One tells TechCrunch that most existing compliance platforms are evidence collection tools that import data from a variety of products and pay for them before using Voila. – Spit out a security certificate saying it's safe.
“The outcome is a compliance theater,” One tells TechCrunch. “You're certified on paper, but you're still vulnerable.”
TechCrunch Events
San Francisco | October 27-29, 2025
Oneleet is different, Oneel said. The platform includes a range of security tools, including penetration testing, code scanning, cloud data security, attack surface management, and security training.
“It's integrated from the ground up, so clicking on the button allows for comprehensive security deployment,” continued One. “It saves clients hundreds of hours and eliminates blind spots that arise from managing fragmented tools.”
Oneleet partners with independent auditors to provide formal certification reviews.
On Thursday, Oneleet announced it had raised a $33 million Series A funding round led by Dawn Capital to help its business grow. One called his fundraising process “easy” and said he met Dawn Capital in San Francisco.
“They already had a deep knowledge of the security and compliance space and they quickly understood what we were building at Oneleet, so there was an immediate alignment,” Onele said.
Other investors in the round include Y Combinator, Dropbox co-founder Arash Ferdowsi, and former CEO of Snowflake and ServiceNow, Frank Slootman. Oneleet joined the Y Combinator class in Spring 2022, saying two-thirds of VC company portfolio companies are currently clients.
Competitors in this area include Vanta, Secureframe and Sprinto. Oneleet has reached $3 million in recurring revenue per year, raising a total of $34 million to date.
Fresh cash injections are used to expand Oneleet's engineering team, expand AI capabilities, and find ways to reach more customers. The goal is to end security theatres with compliance, he said defense against cyberattacks is more important than ever.
One said AI is rescaling the scale of cyberattacks. For example, he said that while advanced bad actors automate cybercrimes, novice hackers are lowering bars to attack with malicious attacks.
He said businesses are also reckless, allowing AI to access business critical information without the need for proper guardrails, even using “vibe coding” tools. In the world of compliance, he said that companies can use AI to generate fake documents to make their businesses appear safer.
According to Onel, his company uses AI very much, tackles the background of threat modeling and other security assessments, and helps them develop policies. However, he said that clients don't hallucinate because the company has a team of people who check the information. “We're responsible for that,” he said.
“Good security should be invisible,” continued One. “Companies need to spend more time building a great product worrying about security. There's a shot in helping them protect themselves more effectively than ever.”