UnderDefense MAXI is the solution to the day-to-day cybersecurity problems of IT leaders and teams. It builds your 24/7 business protection together with you in the driver’s seat.
Our MDR clients have had no ransomware cases for the last 6 years, because we know cybersecurity and we mean it. Get all the threat context in 2 minutes, and reduce your MTTC to 15 minutes with the most efficient MDR solution that seamlessly scales to your specific needs.
All types of pentests performed by award-winning ethical hackers. Get the most comprehensive pentest report and remediation guidelines to strengthen your defenses ASAP.
The most comprehensive Incident Response solution. Incident response, decryption, investigation, and remediation: we do it all, while your hands stay on the wheel.
We leverage your existing tools, fight threats 20x faster with automation, and proactively hunt across all environments. Full MDR, remote SOC, or co-managed security.
[CVE-2018-6231] Trend Micro Smart Protection Server Bypass Vulnerability + Code Execution By Taras Zelyk, Serhiy Sych, Bogdan Vennyk “At UnderDefense we are not only hunting for vulnerabilities and analyzing their patches but also developing exploits for N-day...
Working for our client with a database hosted on Amazon, we faced the case of forwarding MySQL log files in AWS to Splunk in order to monitor connections to the DB. As a security measure, it was important to detect unusual user activity in case...
Are you familiar with the pain of trying to install or update a large number of Splunk universal forwarders using only the Splunk toolkit? It seems impossible. That is where the work of “configuration management” tools makes a true difference in the everyday life of Splunk...
In 2011 Benjamin Delpy released his side project that most recently became a key component of some ransomware worms that spread across Europe. Mimikatz became a ubiquitous tool in all manner of hacker penetrations, allowing intruders to quickly leapfrog from...
A critical vulnerability has been discovered in libssh – the implementation library for Secure Shell (SSH) that could allow anyone to connect to computers remotely without knowing your password. Please install the latest patches for your systems and pay...
Recently our security team discovered several issues with Windows 10 (Enterprise and Education versions) in an Active Directory domain. We will try to describe how it all started, below. We needed to...