Passguard reveals hidden cyber risks no one sees
Story
“We realised how much stolen digital access was circulating online — far beyond what organisations were aware of. That was the moment we knew we had to act.”
— Tom Leijte, Co-founder & CEO, Passguard
Long before most cyber incidents become visible, the first signs of compromise often appear deep in the cyber underground: dark-web marketplaces where criminals trade stolen passwords, browser sessions and authentication tokens. The Delft-based cybersecurity startup Passguard brings transparency to this hidden layer of the internet. Supported by YES!Delft and powered by the growing cybersecurity ecosystem in The Hague and Zuid-Holland, Passguard enables organisations to detect cyber threats before attackers reach their systems.
Passguard is exactly the kind of innovation supported by the new Cybersecurity Incubation Program launched by YES!Delft, Municipality of The Hague and InnovationQuarter; an initiative designed to strengthen Europe’s digital resilience and accelerate high-potential cybersecurity startups.
The innovation value
Cyberattacks are becoming more sophisticated, and organisations must defend against evolving threats. While traditional breaches often involved stolen passwords, today’s cyber risks increasingly come from infostealer malware. This malware infects personal, remote and unmanaged devices — areas that sit outside most corporate security frameworks — and silently captures login credentials, browser sessions and authentication tokens.
These stolen sessions are extremely valuable on the dark web, offering attackers almost instant access to cloud applications and internal systems, sometimes bypassing passwords entirely.
Passguard’s solution is unique. Instead of relying on purchased stolen datasets, the startup uses verified, long-standing profiles inside multiple underground criminal communities. This gives the company early, real-time insight into where stolen digital access is being traded.
With this intelligence, Passguard delivers early-warning notifications that allow organisations to revoke compromised access before cybercriminals can exploit it. This approach offers:
- More reliable intelligence than traditional threat-data sources;
- A more ethical model that avoids supporting criminal marketplaces;
- A proactive defence layer that strengthens an organisation’s cyber posture;
By addressing stolen access at its origin, Passguard enhances the industry’s ability to detect and stop cyber threats earlier in the attack chain.
Impact and future growth
As hybrid and remote work continue to shape how organisations operate, personal and unmanaged devices have become a significant source of cyber risk. Infostealer malware, now one of the fastest-growing global cyber threats, often spreads unnoticed across home laptops and personal computers. Even organisations with mature security frameworks can be exposed without realising it.
Passguard addresses this vulnerability by detecting stolen credentials, compromised browser sessions and active authentication tokens before they are exploited. This early detection greatly reduces the likelihood of ransomware attacks, account takeovers and data breaches. By providing visibility into dark-web markets where this access is traded, Passguard strengthens the digital resilience of private companies, public institutions and critical infrastructure across Europe.
The startup’s momentum reflects the urgency of this societal need. Since onboarding its first customer in March 2023, Passguard has tripled its annual recurring revenue, secured new investment and expanded to a five-person team. The next phase of growth includes deepening partnerships with managed service providers, expanding its footprint within Europe’s cybersecurity landscape and preparing for a follow-up funding round.
“Our long-term ambition is to become Europe’s leading dark-web intelligence company,” says co-founder Leijte. “This is only the beginning.”
Growing in Europe’s strongest cybersecurity ecosystem
Passguard’s development shows how quickly cybersecurity solutions can advance when they are embedded in the right environment. Its trajectory reflects a broader need among early-stage cybersecurity startups for structured support, precisely what the Cybersecurity Incubation Program is designed to offer.
By placing startups within a well-connected and practice-oriented ecosystem, the program helps them validate their technologies faster and accelerate their path to market. Rooted in The Hague’s established cybersecurity ecosystem, the program places startups in a setting where public institutions, research organisations and international partners work side by side on digital security challenges. This environment gives founders the opportunity to refine technologies, understand real-world threats and scale solutions that are both technically robust and societally relevant.
Through this program, cybersecurity startups gain access to:
- A strong network of cybersecurity partners and corporate innovators;
- Mentorship from leading cybersecurity experts;
- Tailored support in securing investment;
- Market validation and structured growth pathways;
- A launchpad into one of Europe’s most advanced cybersecurity ecosystems.
The program is supported by national partners including the Ministry of Economic Affairs and Climate Policy (EZK), dcypher, TNO, Ministry of Justice and Security (JenV), ROM-NL, Security Delta (HSD), HSD Campus, TU Delft and Topsector ICT, and is aligned with the national strategy for digital security and innovation.
“With YES!Delft’s support and the regional cybersecurity infrastructure, we’ve been able to validate and scale our solution much faster,”
— Tom Leijte, Co-founder & CEO, Passguard
Join the Cybersecurity Incubation Program
Cybersecurity startups looking to scale their technologies, validate them with real partners and accelerate market entry can now apply for the Cybersecurity Incubation Program on the YES!Delft website.
The program begins officially in January 2026 and welcomes startups from the Netherlands and around the world developing breakthrough cybersecurity technologies.
This article is adapted from an original publication by YES!Delft.
