The company claims to have developed an integrated people security management platform under the Threatcop brand. The platform combines security awareness training, phishing simulations, learning management systems, email authentication tools, and incident response capabilities to address human-related cybersecurity risks.
Kratikal Tech offers a real-time DMARC platform with Sender ID visibility, which helps organisations monitor email authentication and identify unauthorised or suspicious senders. This capability can assist enterprises in reducing risks related to domain spoofing and business email compromise (BEC) attacks.
The company claims to provide cybersecurity solutions across multiple security domains, including network, cloud, web application, mobile application, API, and infrastructure security. In addition to technical security assessments, it also offers compliance, governance, risk management, and regulatory advisory services, allowing it to serve clients with varied security requirements.
The company has developed AutoSecT, an AI-driven vulnerability management, detection, and response (VMDR) and penetration testing platform. According to the company, the platform automates asset discovery, vulnerability scanning, risk prioritisation, and remediation guidance, helping improve scalability and consistency in cybersecurity assessments.
Kratikal Tech is empanelled with the Indian Computer Emergency Response Team (CERT-In), which enables it to undertake cybersecurity audits and compliance-driven engagements for regulated sectors. The company is also empanelled by the NSE to conduct system audits for trading members.
The company claims to have dedicated teams across software development, cybersecurity testing, governance, risk and compliance (GRC), customer success, and instructional design. Its security testing team reportedly has expertise in vulnerability assessment and penetration testing (VAPT), secure code reviews, cloud security assessments, red-team exercises, and AI/LLM security testing.
The company has reported consistent growth in its financial performance over the last three fiscal years. Revenue from operations increased from Rs 13.01 crore in FY24 to Rs 20.85 crore in FY25 and Rs 36.71 crore in FY26, while profit after tax increased from Rs 3.20 crore to Rs 3.81 crore and Rs 6.14 crore during the same period.
The company is heavily dependent on its workforce, with employee benefit expenses accounting for Rs 14.05 crore (38.27%), Rs 9.03 crore (43.33%), and Rs 5.15 crore (39.55%) of revenue from operations in FY26, FY25, and FY24, respectively. If the company is unable to attract, retain, redeploy, or upskill cybersecurity professionals, it could adversely affect project execution, profitability, and future growth.
A significant portion of the company’s revenue is concentrated in a few states. The top six states contributed Rs 23.16 crore (63.07%), Rs 16.41 crore (78.71%), and Rs 10.27 crore (78.89%) of revenue in FY26, FY25, and FY24, respectively. Any adverse economic, regulatory, or industry developments in these regions could negatively impact the company's business and financial performance.
The company has reported negative cash flows from investing activities of Rs 9.73 crore, Rs 4.00 crore, and Rs 3.82 crore in FY26, FY25, and FY24, respectively, primarily due to investments in property, plant and equipment, intangible assets, and other investments. It also reported negative cash flow from financing activities of Rs 0.04 crore in FY25 due to repayment of short-term borrowings and interest payments. If such cash outflows continue or increase, the company may face liquidity pressures and require additional funding for its growth plans.
The company operates in the cybersecurity industry, where technology and threat landscapes evolve rapidly. If the company fails to keep up with the latest developments in this area, upgrade existing platforms, or respond to changing customer requirements on time, it could adversely affect its competitiveness and revenue growth.
The company derives a substantial portion of its revenue from a limited number of products and services. Threatcop security awareness training (TSAT) contributed Rs 15.86 crore (43.19%), Rs 8.35 crore (40.05%), and Rs 5.10 crore (39.17%) of revenue in FY26, FY25, and FY24, while vulnerability assessment and penetration testing (VAPT) services contributed Rs 12.84 crore (34.98%), Rs 7.37 crore (35.37%), and Rs 4.99 crore (38.31%), respectively. A decline in demand for these offerings could materially affect the company’s financial performance.
The top 10 customers of the company contributed Rs 11.60 crore (31.60%), Rs 4.56 crore (21.89%), and Rs 3.27 crore (25.11%) of revenue in FY26, FY25, and FY24, respectively. Failure to retain these customers or replace lost business could adversely affect revenue and profitability.
The company has recently incorporated overseas subsidiaries in the UAE and the United States and intends to invest a portion of the IPO proceeds into these entities. Since these subsidiaries are new, any failure to achieve commercial viability or expected returns may adversely affect the company’s growth strategy and financial performance.
A significant portion of the company’s revenue is generated during the fourth quarter of the financial year, accounting for Rs 12.70 crore (34.58%), Rs 6.60 crore (31.65%), and Rs 4.40 crore (33.79%) of annual revenue in FY26, FY25, and FY24, respectively. Any delay or reduction in customer spending during this period could disproportionately impact annual earnings and cash flows.
The company earns a portion of its revenue from international markets, with exports contributing approximately 29% of revenue in FY26. Foreign exchange rate fluctuations, particularly involving the US dollar and UAE dirham, could impact revenues, profitability, and competitiveness in overseas markets.