1. At a Glance
Once upon a cybercrime, a hacker turned ethical, built a startup, and now charges enterprises to do what he once did for free — break into systems. TAC Infosec Ltd, the ₹1,628 crore cybersecurity firm that got listed just in April 2024, has pulled off something rare: profitability and swagger. In Q2FY26, revenue shot up 138% YoY to ₹29.5 crore, while PAT spiked 79% YoY to ₹11.7 crore.
Trading at ₹777 (how poetic for a hacker’s number), the stock commands a P/E of 83x, ROE of 41.3%, and ROCE of 43.7%. The company has zero debt, a current ratio of 9.6, and OPMs that make SaaS peers look like NGOs — 57.9% to be precise.
And in true Silicon Valley-meets-Desi style, TAC just dropped two bombshells:
- Its subsidiary Cyberscope has been appointed as exclusive smart contract auditor for Binance’s BNB Chain (2,000+ audits annually).
- It announced a $100 million CAPEX plan till FY30 — the cybersecurity version of a moonshot.
Who said hackers can’t be billionaires?
2. Introduction – From Ethical Hacker to Unicorn Whisperer
If Tata Consultancy Services is your father’s IT company, TAC Infosec is the Gen Z prodigy who codes from a café, gets hacked mid-meeting, and still wins the deal. Founded in 2016 by the now-legendary cyber whiz Trishneet Arora, TAC has transformed from a college dropout’s “hacking club” into a global cybersecurity powerhouse serving banks, governments, and Big Tech.
The company’s journey reads like a Bollywood tech biopic: starting as a small penetration testing outfit, evolving into a full-stack vulnerability management SaaS platform — ESOF (Enterprise Security in One Framework) — and now expanding into blockchain, AI, and quant-based cyber risk scoring.
The FY24–FY25 growth trajectory is wild:
- FY24 revenue: ₹12 crore → FY25: ₹30 crore → TTM: ₹48 crore
- FY24 PAT: ₹6 crore → FY25: ₹15 crore → TTM: ₹24 crore
- FY25 OPM: 50%, NPM: 48%
To put it bluntly, TAC isn’t just growing — it’s compounding faster than ransomware infections.
3. Business Model – WTF Do They Even Do?
TAC’s business model is a hacker’s dream turned into corporate service. They make money by finding, quantifying, and fixing security holes before someone else does. It’s like hiring a thief to guard your house — except this one sends you a PowerPoint report afterwards.
Main Verticals:
- (1) ESOF Platform: The company’s crown jewel. ESOF (Enterprise Security in One Framework) is a risk-based vulnerability management SaaS platform with multiple sub-products:
- ESOF AppSec – Application Security
- ESOF VMP – Vulnerability Management Platform
- ESOF VACA – Compliance Automation
- ESOF PCI ASV – Payment Card Industry compliance
- ESOF CRQ – Cyber Risk Quantification
Together, these tools let clients see their “CyberScore” — the IT equivalent of a cholesterol check-up.
- (2) Penetration Testing: Ethical hacking services for banks, stock exchanges, and corporates. The company is CREST certified, meaning it can ethically hack with international credibility.
- (3) Global Subsidiaries:
- TAC Security Inc (US)
- CyberSandia
