UnderDefense Blog

A new #OSCE certificate on our Wall of Fame!

The UnderDefense team has added another certificate to our Red Team portfolio! Offensive Security Certified Expert (OSCE) certification shows a strong understanding of security principles and practice. This ethical hacking...

Strategic partnership with Nexia Group

We are happy to announce that UnderDefense has become a member of Nexia Group. At the BreakWest meeting, we were officially recognized as a partner of a leading global network of independent accounting and consulting firms....

Threat & Fraud detection with Splunk

Threat & Fraud Detection: How Splunk can catch and stop it. Client: #1 National Telecommunications and Internet Technologies provider. Technical Challenge: We had to monitor 600,000,000 historical unstructured old data and 2,000,000 events per day. Business...

How to comply with SHIELD Act?

Are you storing data and private information of New York residents? The state has enforced the breach notification law Stop Hacks and Improve Electronic Data Security (SHIELD) Act, updating the scope and requirements for consumers’ sensitive...

News from UnderDefense in NYC

We’ve moved! UnderDefense is excited to announce that you can find us at 111 John Street, Suite 420 in NYC. Also, there are a few brilliant events in August-October that we are going to take part in, and we encourage you to do the same. 28 August...

UD experts are not only in the cyber world

Our UnderDefense team had a truly great time this weekend! We regularly spend time together to build great communication between our teams and nurture company values. This time our little going-out-of-city became an...

UnderDefense in Canada

UnderDefense had great opportunities to attend many insightful events and meet interesting people in Canada. UD representatives were happy to visit two separate but equally important events. They got in touch with world leaders at an...

Women in Technology at UnderDefense

UnderDefense supports Women in Technology! We have a whole bunch of talented and brilliant female Security Specialists and are proud of this beautiful part of our team! We are absolutely proud that 9 out of 36 UD-teamers (around 25%) are...

New Feature in AWS: Traffic Mirroring

Now security analysts are able to collect data fast and flexibly with a new feature. Traffic Mirroring in AWS makes it possible to transfer traffic to a SIEM (like Splunk) and analyse it. This is targeted at cases when you...

CISO Answers – with Michael Schindler

CISO Answers - Interview with Michael Schindler. #CISOAnswers is a series of interviews with thought leaders in IT/IS, seasoned with valuable insights on a variety of important topics. Watch our interview with Michael Schindler, a leader with strong roots in the...

Web Application Penetration Testing

Client: International Marketing Service Firm. Challenge: Client data security and compliance requirements from a very prominent customer were an initial stimulus to conduct Application Security testing and build a solid Security...

CISO Answers – Interview with Matthew Sciberras

“CISO Answers” is a series of interviews with thought leaders in IT/IS, seasoned with valuable insights on a variety of important topics. The first of our exclusive CISO Interviewees is Matthew Sciberras - Director of...

UD team at NoNameCon 2019: outcomes and materials

NoNameCon was epic this year! We loved to see the growth of our community and contribute with speeches sharing our expertise! There were 3 speakers from UnderDefense, 2 Villages and 12 UD teamers who attended the...

Top cloud threats in 2019: secure your infrastructure

A lot of companies prefer to use a cloud environment to store clients' data. It is convenient and offers a lot of flexibility. But how do you make this remote storage well protected from cloud threats?...

Catch them! Secrets to detect attackers Maltese workshop

Malta Blockchain Summit is a place where business representatives from Crypto Marketplaces, Online gaming and gambling & Financial Technology companies meet up to network and receive up-to-date information....

IoT attack simulation and ways to protect

The Internet of Things is rapidly changing the lives of millions of people. The ramp-up of technology also comes with security risks that are usually underestimated. In today’s world of “always on” technology and not enough security...

Anomali and UnderDefense partnership

Anomali is one of the most comprehensive Threat Intelligence Platforms. It boosts the reaction of analysts in the Security Operations Center to unknown threats and helps them investigate incidents faster. We are proud to have such a strong...

Mac based antimalware training

Mac antimalware training. Apple customers believe that no adversaries can hack their personal data or access important files. We bust this myth about perfectly secure macOS devices! During our Security Awareness training, we demonstrate how anyone can break this system....

ISO 27001 assessment

ISO 27001 is the only auditable international standard that defines the requirements of an information security management system (ISMS). An ISMS is a set of policies, procedures, processes and systems that manage information risks, such as cyber...

UnderDefense is product agnostic

UnderDefense works with SIEM tools such as Splunk, QRadar and McAfee Enterprise Security Manager (ESM). Being a product-agnostic company gives us the opportunity to find custom solutions for our clients which cover their most important...

Roadmap of UD services

UnderDefense cybersecurity services roadmap. The statistics show that cybersecurity issues are becoming a day-to-day struggle for businesses. That's why thinking about your security posture is a number one task for all go-ahead companies. Your sensitive data and money...

2018 in numbers

7 times revenue growth; Top 5 of 704 Cybersecurity Consulting Companies by Clutch; 4 products launched for our clients; 24 new logos; 1.5 times growth of engineering staff; 3rd place in SecOps EU competition; 1 new Fraud Detection project completed; 50 new...

NIST Cybersecurity Framework Assessment

UnderDefense conducted an assessment for our global client in Information Technology and Services with 1000+ employees, providing a report with insights into the organization’s current security profile – as defined in the NIST...

Effortless Splunk Universal Forwarders update with Ansible

Are you familiar with the pain of trying to install or update a large number of Splunk universal forwarders using only the Splunk toolkit? It seems impossible. That is where the work of “configuration management”...

Fraud Detection Speech at EBA

The UnderDefense team attended a Breach&Fraud.IT meeting, which was organized by the European Business Association. Our CEO Nazar Tymoshyk and PM Mykhailo Hordych gave a speech there about Data Breach Incident and its...

Splunk-based project on fraud detection investigation

Our team has detected fraudulent activity on the employee's side at our client’s company in the telecommunications sector. Splunk helped us to process all the data and capture suspicious actions. We have collected...

New Gen SIEM Tool development

What we have done: We have developed for our US MSSP client a reliable, fast and easy-to-use solution for Security Analysts and CISOs which helps to collect, pre-process and forward logs for further analysis. Its main benefits: a remote...

Critical vulnerability in Linux and Mac

libssh vulnerability: Critical flaw in Linux and Mac SSH/SFTP services. A critical vulnerability has been discovered in libssh, the implementation library for Secure Shell (SSH), that could allow anyone to connect to computers remotely without knowing your password....

Top 3 research and rating platforms for cybersecurity

The first step our potential customers take is visiting websites with independent ratings, reviews, and feedback online to check the quality, excellence, and professionalism of a vendor or service provider...

The best penetration test for your business

If you have decided that a penetration test (an authorized simulated attack on a computer system, performed to evaluate the security of the system) is what your business needs, the next step will be to choose its type. We will...

UnderDefense received the 3rd place at SecOps Europe in 2018

Our engineers had some practical experience in Incident Response at SecOps Europe in 2018. They developed and enhanced cybersecurity awareness on the offensive and defensive sides and took part in...

Windows 10 Start menu

Contents: About AppLocker; Creating AppLocker rules; Summary. Introduction: Recently our security team discovered several issues with Windows 10 (Enterprise and Education versions) in an Active Directory domain. We will try to describe how it all started, below....

UnderDefense at AGS SIGMA conference

Our CEO Nazar Tymoshyk and Head of BD Viktoria Miliar visited another great event in Kyiv. Both represented UnderDefense and our trusted partners Kyte Consultants Ltd at the annual summit #AGS SIGMA conference in Kyiv. Over two...

UnderDefense’s engineer unlocked Splunk certifications

Consultant I level. We are pleased to be a Splunk partner, and our security analysts now hold Splunk certifications. Splunk Inc. is a company producing software for searching, monitoring, and...

IoT Malware analysis project

UnderDefense has completed a new IoT Security project. Our malware analysis helped an Israeli startup to identify and reverse-engineer a new malware sample that massively targets IoT devices.

Crypto markets & Smart-Contract Security

UnderDefense has recently completed 2 complex security assessment projects for cryptocurrency marketplaces. Our elite team of ethical hackers provided Solidity-based Smart-Contract code assessment as well as discovered...

Eset Remote Administrator App for Splunk

Contents: About data visualisation and Splunk apps; Shortly about app; App Description; Summary; Links. About data visualization and Splunk apps: The best method to explain the significance of information is to display it in a visual context....

Windows Event Collector orchestration 2

Contents: Create a Group Policy; Add WEC to the special user group; Add read access to security logs for WinRM services; Restricted Group creation; WinRM service configuration; Summary. Introduction: As the continuation of the previous article, we...

Windows Event Collector orchestration

Contents: Different Methods of log collection; Splunk Universal Forwarder VS WEC; How it works (Solution overview); Installation description; Subscription creation process; Summary. Introduction: This blog is one of many in a series that will...

Splunk Add-on for Eset Remote Administrator

Contents: Development; How to use it; Summary. Development: First of all, we need to install Splunk Add-on Builder. I prefer to install it from the internal Splunk shop in Splunk Enterprise. Go to Manage Apps and click Browse more apps...
