Activate Your Defense

Berezha Security is a cyber-security company focused on Offensive Security and Security Awareness.

Berezha is on a mission of providing top quality security services while keeping them affordable for the widest range of customers.

We help our clients improve their security posture by applying our expertise in Software Security, Penetration Testing, Bug Bounties, and Security Audit.

 
$1,000+
 
$50 - $99 / hr
 
2 - 9
 Founded
2014
Show all +
Kyiv, Ukraine
headquarters
  • Berezha Security Kyiv
    Ukraine

Reviews

Sort by

Penetration Testing for FinTech Software Firm

"The steps were quite clear and we knew what to expect."

Quality: 
5.0
Schedule: 
5.0
Cost: 
4.0
Willing to refer: 
5.0
The Project
 
Less than $10,000
 
June 2017 - June 2018
Project summary: 

Berezha Security handled penetration testing for two projects, the main one being for a mobile app and its API. They also tested a web app and provided detailed reported on areas of improvement.

The Reviewer
 
51-200 Employees
 
San Francisco Bay Area
Olga Bandura
Head of Inside Sales, Softjourn
 
Verified
The Review
Feedback summary: 

They filled a gap in in-house talent, allowing the delivery of a fully-tested product without having to invest in hiring new resources. Berezha Security’s attentive team understood project needs quickly and were easy to work with, making the collaboration seamless and rewarding.

BACKGROUND

Introduce your business and what you do there.

I’m the head of inside sales at Softjourn, a software development company. We’re a service provider that mainly works with cards, payments, and fintech services.

OPPORTUNITY / CHALLENGE

What challenge were you trying to address with Berezha Security?

We needed a company to conduct penetration testing for one of our client projects. We didn’t have the expertise in-house for the task.

SOLUTION

What was the scope of their involvement?

They performed penetration testing, which involved the analysis of the code of the mobile access control app for one of our ticketing clients. They looked at both the mobile app and the API side of it. After that, they sent a very detailed report on the breaches and areas that needed improvement in order to make the app more secure and protected.

The app is based on Submarine and the API is .NET. Berezha Security also worked with our venue mapping tool that helps create maps of venues. They did the same testing, with the only difference being that it’s a web-based application.

What is the team composition?

We mainly talked with the co-founder, who acted as the account manager and project manager as well. We also collaborated directly with the person in charge of testing.

How did you come to work with Berezha Security?

We were referred to them by one of our clients and employees that met them at one of the conferences they spoke at. We chose them because of their expertise; they had all of the certifications needed in order to perform the penetration testing. Their price was also better than the other companies we approached.

How much have you invested with them?

We spent less than $10,000.

What is the status of this engagement?

We started working together in June 2017 until June 2018.

RESULTS & FEEDBACK

What evidence can you share that demonstrates the impact of the engagement?

For the first project, they helped provide something we didn’t have in-house expertise for. That added value to the services we provide our clients without having to invest in getting people to learn how to do the testing and get all the certifications required.

Per their recommendations, we’ve made the improvements and changes in the code for the system. After that, they retested everything to make sure all the gaps were fixed.

How did Berezha Security perform from a project management standpoint?

I’m very happy with their availability and responsiveness. We used Skype most of the time.

What did you find most impressive about them?

They were easy to work with, responsive, and effortlessly understood our needs. They sent us the overview of the proposed solution and how to perform the penetration testing quickly. We didn’t have to spend much time managing them, and they sent the analysis and results on time.

Do you have any advice for potential customers?

The process with them is straightforward. The steps were quite clear and we knew what to expect.

5.0
Overall Score They were good.
  • 5.0 Scheduling
    ON TIME / DEADLINES
    They met deadlines.
  • 4.0 Cost
    Value / within estimates
  • 5.0 Quality
    Service & deliverables
  • 5.0 NPS
    Willing to refer

Security Audit for Web Platform

"They know what they’re doing."

Quality: 
5.0
Schedule: 
4.5
Cost: 
5.0
Willing to refer: 
5.0
The Project
 
Less than $10,000
 
Apr. - May 2018
Project summary: 

Berezha Security performed a full audit and penetration test of Android and iOS apps, a web app, and multiple APIs. They provided a summary report and ran follow-up tests several months later. 

The Reviewer
 
11-50 Employees
 
Amsterdam, Netherlands
Léa Moreau
Product Owner, SRXP
 
Verified
The Review
Feedback summary: 

The thorough, detailed audit helped eliminate system flaws and increase customer confidence. Berezha Security stayed in constant contact so that issues could be addressed in real time. Their professionalism, clear reporting, and extensive knowledge of the industry made the partnership strong. 

BACKGROUND

Introduce your business and what you do there.

SRXP specializes in digitizing expense receipts for corporate entities. Users take pictures of their receipts on a mobile phone, and we process them and send them back to their financial administration. I'm the product owner of the technical team.

OPPORTUNITY / CHALLENGE

What challenge were you trying to address with Berezha Security?

We needed a cybersecurity and security audit. Since we're growing, we wanted to ensure that we had the correct security and eliminate any major flaws in our infrastructure. After adding a credit card integration, we called Berezha Security. 

SOLUTION

What was the scope of their involvement?

We initially talked about our needs and explained our work and infrastructure. This was our first time running a penetration test. For the initial run, they suggested tests that made sense for our application. We followed their advice, and they started testing two weeks later.

They tested in our acceptance environments, telling us in advance when they blasted a high number of requests. We had to freeze our environments, since releasing new things during testing can change everything.

They updated us as soon as they checked anything. Two weeks after testing, they provided a report that explained everything we had to correct. That was nice, since we had a few bugs. They didn’t find a lot of faults, but we corrected the ones they found right away. 

Two months after the first test, Berezha Security performed the same ones. They checked the old bugs and wrote a clearer report for our clients. We're hoping to assess our security with Berezha again next year by performing black box testing on our server and database.

What is the team composition?

I had two main contacts, so I could always reach out to someone. At the end of the project, we met with the four others who tested our site's security. We met remotely with everyone who worked on our issues.

How did you come to work with Berezha Security?

We were referred to them by another partner, who said that they were professional. They recommended them specifically because they offered extra security services. They don't just perform checks for companies, but are also active in the outside world.

How much have you invested with them?

We tested Android and iOS apps, the API, and the web application for a bit less than €5,000 (approximately $5,900).

What is the status of this engagement?

We worked with Berezha between April and May 2018.

RESULTS & FEEDBACK

What evidence can you share that demonstrates the impact of the engagement?

They messaged us as soon as they found something, and we fixed all the issues in real time. This gave us more time to make the fixes. It was important that we paid attention to security. This was our first step toward guaranteeing security for our clients and giving them more trust in our platform. 

How did Berezha Security perform from a project management standpoint?

We used WhatsApp, Hangouts, and email. It was easy for us to reach each other if something happened.

What did you find most impressive about them?

Berezha’s approach was great. I'd had issues communicating with the parties testing our infrastructure, which led to a lot of bugs on our platform. Berezha let us know before they did something. I appreciated being informed about what was happening.

Do you have any advice for future clients of theirs?

They know what they’re doing. Explain your infrastructure and what they should achieve. Instead of covering everything, they will advise you on pricing and determine exactly what needs to be tested. They won't just test a lot of things for a bigger bill.

5.0
Overall Score
  • 4.5 Scheduling
    ON TIME / DEADLINES
  • 5.0 Cost
    Value / within estimates
    They have competitive pricing.
  • 5.0 Quality
    Service & deliverables
    They did a great job.
  • 5.0 NPS
    Willing to refer

Penetration Testing for Telecom Firm

“I appreciated their professionalism, flexibility, and commitment to timelines.”

Quality: 
5.0
Schedule: 
5.0
Cost: 
5.0
Willing to refer: 
5.0
The Project
 
$10,000 to $49,999
 
Apr. - May 2018
Project summary: 

Berezha Security performed an in-depth security audit for an application, offering key recommendations on how to proceed with development. They also provided training on how to use code analyzers.

The Reviewer
 
11-50 Employees
 
Israel
R&D, Wireless Firm
 
Verified
The Review
Feedback summary: 

Berezha Security was able to identify numerous unforeseen security issues with the application. The team was meticulous and self-reliant, completing additional tasks without needless back and forth. Their success sets them up for future engagement. 

BACKGROUND

Introduce your business and what you do there.

I’m the VP of R&D for WiSpear. Our company provides Wi-Fi intelligence and surveillance services, including a variety of network security products.

OPPORTUNITY / CHALLENGE

What challenge were you trying to address with Berezha Security?

We needed resources to conduct penetration testing on our products.

SOLUTION

What was the scope of their involvement?

They conducted black-box penetration testing and suggested security measures for various parts of our application. They also taught us how to use code analyzers in our technologies. I had a lot of questions along the way and added plenty of additional requirements. Despite that, they remained flexible and accommodated my needs.

What is the team composition?

I mostly worked with one of their co-founders. He was professional and worked independently.

How did you come to work with Berezha Security?

We considered several companies around the world but focused on Kyiv-based testers. Multiple people recommended Berexha Security to us, so we reached out to them. They responded promptly to my questions, and I was impressed with their professionalism and reasonable rates.

How much have you invested in them?

We spent around $10,000.

What is the status of this engagement?

Their work lasted from April–May 2018.

RESULTS & FEEDBACK

What evidence can you share that demonstrates the impact of the engagement?

They found several major security problems with our product, which allowed us to create an improvement plan. The plan identified best practices for developing our application while keeping future features in mind.

How did Berezha Security perform from a project management standpoint?

I was pleased with their quality of work and plan to continue collaborating with them on otherThey had a reasonable rate for such high-quality work. projects.

What did you find most impressive about them?

I appreciated their professionalism, flexibility, and commitment to timelines. Furthermore, they found several security issues that I hadn’t even thought about. It was easy to work with them because they were so independent. We didn’t have any conflicts or unnecessary discussions.

5.0
Overall Score It was pleasant to work with them.
  • 5.0 Scheduling
    ON TIME / DEADLINES
  • 5.0 Cost
    Value / within estimates
    They had a reasonable rate for such high-quality work.
  • 5.0 Quality
    Service & deliverables
  • 5.0 NPS
    Willing to refer

Penetration Testing for Staffing Agency

"The results of the penetration test were very helpful, allowing us to improve our product’s security."

Quality: 
5.0
Schedule: 
5.0
Cost: 
5.0
Willing to refer: 
5.0
The Project
 
Less than $10,000
 
June - Aug. 2017
Project summary: 

Berezha Security conducted penetration testing for various web apps, with the goal of eliminating security weaknesses. They detected issues after three weeks and did another round of testing afterward.

The Reviewer
 
51-200 Employees
 
Hilversum, Netherlands
Alex Tkachyk
Software Architect, HelloFlex
 
Verified
The Review
Feedback summary: 

The web apps boast increased security thanks to Berezha’s work. They’re not only experts in cybersecurity but also really organized when it comes to executing the tests.

BACKGROUND

Please describe your company and your position there.

I’m a software architect at HelloFlex. We create software for temporary staffing agencies in the Netherlands.

OPPORTUNITY / CHALLENGE

For what projects/services did your company hire Berezha Security?

We needed to do a penetration test to check our web application for security leaks.

SOLUTION

How did you select this vendor?

One of our team members recommended Berezha Security. He knew that Vlad Styran (Director of Operations, Berezha Security) was an expert in cybersecurity by his posts, conferences, and other activities in the security community.

Describe the project in detail.

They performed penetration testing for our web applications in a period of three weeks. We had a month to fix the issues they found, after which they did a second round of testing to make sure they were resolved.

What was the team composition?

Vlad was our main contact person and he kept us informed of the project’s progress. From our side, our system administrator and I provided all the necessary information and environment for them to do the testing.

RESULTS & FEEDBACK

Can you share any outcomes from the project that demonstrate progress or success?

The results of the penetration test were very helpful, allowing us to improve our product’s security. Since it was a very productive collaboration, we decided to perform penetration tests annually.

How effective was the workflow between your team and theirs?

The workflow was very well organized. It was also very convenient working directly with Vlad.

What did you find most impressive about this company?

They’re a very professional company in the field of cybersecurity.

Are there any areas for improvement?

We didn‘t experience any weak areas.

5.0
Overall Score
  • 5.0 Scheduling
    ON TIME / DEADLINES
  • 5.0 Cost
    Value / within estimates
  • 5.0 Quality
    Service & deliverables
  • 5.0 NPS
    Willing to refer

Penetration Testing for Global Esports Platform

"They utilized a number of techniques to find the vulnerable areas of our platform."

Quality: 
5.0
Schedule: 
5.0
Cost: 
5.0
Willing to refer: 
5.0
The Project
 
Less than $10,000
 
Mar. 2018 - Apr. 2018
Project summary: 

Berezha Security conducted penetration testing to detect the security vulnerabilities of a web platform tailored to esports. After detailing the risks, they provided recommendations for increased protection.

The Reviewer
 
51-200 Employees
 
Kiev, Ukraine
CTO, Esports Platform
 
Verified
The Review
Feedback summary: 

Berezha Security identified the at-risk portions of the website, and they offered recommendations to improve security. They provided regular progress reports and will conduct a retest of the newest measures in 60 days.

BACKGROUND

Please describe your company and your position there.

I am the CTO of a global web platform and payment gateway for esports.

OPPORTUNITY / CHALLENGE

For what projects/services did your company hire Berezha Security?

We contracted with Berezha Security to conduct penetration testing against our web platform.

What were your goals for this project?

We needed to detect any security vulnerabilities and craft solutions. We needed to implement more stringent security policies.

SOLUTION

How did you select this vendor?

We researched several vendors in Eastern Europe, close to where we are located in Ukraine. We narrowed our search based on cost, expertise, and references.

Describe the project in detail.

Berezha Security was given access to our staging environment to conduct the testing. We provided them with multiple URLs that are critical for us to be tested and secured. They presented their findings and provided us with a timeline and cost of the next steps for protection.

What was the team composition?

We worked with two or three security consultants, who conducted the pen testing.

RESULTS & FEEDBACK

Can you share any outcomes from the project that demonstrate progress or success?

We held a closure meeting with their team, and they shared their findings and recommendations. We now have a greater understanding of our security needs, and we are now focused on making repairs before they conduct a free retest in 60 days.

How effective was the workflow between your team and theirs?

They maintained an efficient flow of communication through various messengers and Slack channels. We were always informed about their work and their progress.

What did you find most impressive about this company?

They utilized a number of techniques to find the vulnerable areas of our platform. They were also equipped with recommendations for how to prevent those attacks.

Are there any areas for improvement?

If they were to build an understanding of blockchain, they would be able to audit the security issues of that domain as well.

5.0
Overall Score
  • 5.0 Scheduling
    ON TIME / DEADLINES
  • 5.0 Cost
    Value / within estimates
  • 5.0 Quality
    Service & deliverables
  • 5.0 NPS
    Willing to refer