Critical Cloud and Tarian Labs launch Continuous Runtime Security Validation for fintech firms
Two Welsh specialists help regulated firms move from annual security snapshots to continuous assurance across cloud, AI and production runtime.
Cardiff, Wales, 14th July 2026. Annual penetration tests give fintech firms an important control point, but not enough proof that production is secure today. By the time a report reaches the board, code may have shipped, cloud infrastructure may have changed, and AI features may have entered production. The result is a stale evidence problem for firms that need to satisfy boards, auditors, regulators and enterprise customers.
Critical Cloud and Tarian Labs today announced a strategic alliance to deliver Continuous Runtime Security Validation, a joint service that connects Critical Cloud's Managed Runtime Assurance model with Tarian Labs' practitioner-led offensive security capability, shaped from government, defence and critical national infrastructure experience.
Managed Runtime Assurance is the accountable operation of production applications, cloud platforms and AI systems so they remain observable, secure, resilient, cost-controlled and evidence-ready. For fintech and other regulated businesses, this means security testing is not left as a point-in-time report. Findings move into operational remediation, retesting and proof of closure.
Continuous Runtime Security Validation combines Critical Cloud's Datadog-powered managed operating model with Tarian Labs' practitioner-led offensive security expertise in one improvement cycle: Observe, Detect, Validate. Critical Cloud keeps the production runtime observable, monitored and operationally governed across cloud, observability and AI runtime environments, while Tarian Labs independently challenges that runtime through penetration testing, cloud and infrastructure assessment, web application testing, API testing and retesting. Findings move directly into remediation, retesting and evidence of closure.
Independence is built into the model. Tarian Labs owns testing methodology, findings, severity ratings and retesting. Critical Cloud owns remediation and runtime improvement. All testing runs under written customer authorisation, agreed scope, rules of engagement and controlled evidence handling.
“Detection without validation is hope, not assurance. Fintech firms need more than a pen test report that ages the moment production changes. They need independent evidence that runtime controls work, and a managed operating model that turns findings into fixes.”
James Smith, CEO, Critical Cloud
“Testing should not stop at the report. This alliance gives customers a practical route from offensive testing to remediation, retesting and proof. Critical Cloud operates the runtime layer. Tarian Labs validates it independently. Together, we help customers close the gap between finding risk and proving it has been fixed.”
Kevin Hanford, Co-Founder and CEO, Tarian Labs
Continuous Runtime Security Validation engagements are open now across the UK and Ireland, with a packaged joint offer to follow. Planned joint activity includes Welsh fintech events and a live demonstration environment showing the full Observe, Detect, Validate cycle under controlled attack conditions, including remediation, retesting and evidence of closure.
Critical Cloud is ISO 27001 certified, holds Cyber Essentials Plus, and is a Powered by Datadog accredited partner and Datadog Advanced Partner. Tarian Labs engagements are delivered by CREST registered practitioners and signed off at NCSC-recognised CHECK Team Leader (CSTL-INF) level.
About Critical Cloud
Critical Cloud delivers Managed Runtime Assurance for AI-era software. We operate, secure and govern the cloud, observability and AI runtime layer behind mission-critical products, powered by Datadog, so teams can ship fast while production stays reliable, secure, cost-controlled and evidence-ready. criticalcloud.ai
About Tarian Labs
Tarian Labs is a UK-owned, independent cybersecurity company delivering practitioner-led penetration testing and security assessments across cloud, infrastructure and web applications. Built on 22 years of combined UK defence and Critical National Infrastructure experience. tarianlabs.com
Media contact
Critical Cloud
James Smith
Email: media@criticalcloud.ai
criticalcloud.ai
Tarian Labs
Kevin Hanford
Email: kevin@tarianlabs.com
tarianlabs.com