UnderDefense Blog

Top 3 research and rating platforms for cybersecurity The first step our potential customers take is visiting of the websites with independent ratings, reviews, and feedbacks online to check the quality, excellence, and professionalism of a vendor or service provider...

The best penetration test for your business. If you have decided that penetration test (an authorized simulated attack on a computer system, performed to evaluate the security of the system) is what your business needs, next step will be to choose its type.We will...

UnderDefense received the 3d place at SecOps Europe in 2018 Our engineers had some practical experience in reacting to Incident Response at SecOps Europe in 2018. They developed and enhancined cybersecurity awareness in offensive and defensive sides and took part in...

Windows 10 Start menu About AppLocker Creating AppLocker rules Summary Introduction Recently our security team discovered several issues with Windows 10 (Enterprise and Education versions) in Active Directory domain. We will try to describe how it all started, below....

UnderDefense at AGS SIGMA conference Our CEO Nazar Tymoshyk, and Head of BD Viktoria Miliar visited another great event in Kyiv. Both represented UnderDefense and our trusted partners Kyte Consultants Ltd at the annual summit #AGS SIGMA conference in Kyiv. Over two...

UnderDefense's engineer unlocked Splunk certifications Consultant I level  We are pleased to be a Spunk partner and now our security analysts are awarded and holding Splunk certifications.  Slunk Inc. is a company producing software for searching, monitoring, and...

IoT Malware analysis project UnderDefense has completed a new IoT Security project. Our Malware analysis helped Israel startup to identify and Reverse Engineer new malware example that massively targets IoT devices.

Crypto markets & Smart-Contract Security UnderDefense has recently completed 2 complex security assessment projects for cryptocurrency marketplaces. Our elite team of ethical hackers provided Solidity based Smart-Contract code assessment as well as discovered critical...

Eset Remote Administrator App for Splunk About data visualisation and Splunk apps Shortly about app App Description Summary Links About data visualization and Splunk apps The best method to explain the significance of information is to display it in a visual context....

How to configure log collection from Cisco FirePower to Splunk Installing and configuration of a Splunk Add-on Prerequirements FMC configuration Installing and configuration Splunk eStreamer eNcore App Summary Troubleshooting Example 1 Example 2 Introduction In this...

Windows Event Collector orchestration Create a Group Policy Add WEC to the special user group Add read access to security logs for winRM services Restricted Group creation WinRM service configuration Summary Introduction As the continuation of the previous article, we...

Windows Event Collector orchestration Different Methods of log collection Splunk Universal Forwarder VS WEC How it works (Solution overview) Installation description Subscription creation process Summary Introduction This blog is one of many in a series that will...

Splunk Add-on for Eset Remote Administrator Development. How to use it Summary Development First of all we need to install Splunk Add-on builder. I prefer to install it from internal splunk shop in Splunk Enterprise. Go to Manage Apps and click Browse more apps   Use...

How to deploy MSI packages remotely in Windows infrastructure using remote shell How to use msiexec on remote hosts? Description of the situation in the environment  How do we delegate credentials?  Application installation Summary Very often we come across the...