Datami Cybersecurity

BACKGROUND

Please describe your company and your position there.

I'm a product manager at software development company.

OPPORTUNITY / CHALLENGE

For what projects/services did your company hire Datami Cybersecurity, and what were your goals?

We were looking for leading experts in DevOps field to guarantee smooth launch and we hoped to find someone who will also consult us in the future on technical matter.

SOLUTION

How did you select this vendor and what were the deciding factors?

We needed some who won't let us down, so we gathered references from partners. This company was recommended twice, also we were interested in Datami cyber security background. So we thought I'd wonderful to establish partnership and later work on cyber security posture.

Describe the scope of work in detail, including the project steps, key deliverables, and technologies used.

We needed a hand during the launch. Also we encountered some problems on development stage. So the tech expect was consulting us, was working on the infrastructure and fixed bugs.

How many people from the vendor's team worked with you, and what were their positions?

Recruitment process was extremely easy. We sent the list of requirements to their PM, after that we scheduled several calls. We selected the candidate whose qualifications we considered to be the best match for us.

RESULTS & FEEDBACK

Can you share any measurable outcomes of the project or general feedback about the deliverables?

For software development company the best results are satisfied customers. A high quality and timely delivery of the source code was achieved.Our cooperation saved us time and resources. Several innovative ideas were implemented and new approaches were adopted.

Describe their project management style, including communication tools and timeliness.

Working within the same time zone made our workflows efficient. They meet deadlines and put in extra effort if necessary. Additionally, the company has a good communication flow with onsite meetings. We could count on an advisory from their side any time.

What did you find most impressive or unique about this company?

Team of DevOps and cyber security experts, prompt reply and support 24/7 surprised us greatly. We have established long-term pertnership.

Are there any areas for improvement or something they could have done differently?

Any potential issues were addressed promptly, and all communication was quick. In addition to implementing the best practices, they had a lot of new approaches and ideas.

BACKGROUND

Please describe your company and your position there.

Davintoo Ukraina LLC is a software development company. We create IT solutions for training and assessment of employees, internal communications, data analysis, e-learning, and implementation of e-learning platforms in the company's IT environment. Our main product is LMS Collaborator – an e-learning web-platform (SaaS). My position is CTO

OPPORTUNITY / CHALLENGE

For what projects/services did your company hire Datami Cybersecurity?

We were looking for highly qualified cybersecurity expert who would take part in evaluating the security posture of the LMS. The person had to have several years of experience in Penetration Testing. Among the requirements was an ability to comply with standards and provide services promptly.

SOLUTION

How did you select this vendor and what were the deciding factors?

We searched online for cybersecurity firms which provided outstaffing services. Datami was one of the few companies that could combine security services, outstaff, quality and flexibility. Language criteria also played significant role, we needed expert who was fluent in English and Ukrainian in order to integrate in the customer`s team.

Describe the project in detail and walk through the stages of the project.

Datami`s expert joined the security team of the customer. New approach and excellent ideas on how to boost security were offered to the team and soon after were implemented in the system. Specialist also conducted pentest and security assessment of the internal network, this helped to uncover critical vulnerabilities. After testing he generating a report with executive summary, risk level of each vulnerability and recommendations on how to fix them. He also consulted the security team on HIPAA certification and assisted in obtaining the HIPAA certificate. They performed a thorough security audit of our website and web apps, identifying potential risks in our infrastructure.

They used Metasploit to carry out penetration testing and Paros Proxy to scan for vulnerabilities. After they finished, they delivered a report on all of our risks and provided a list of security recommendations. They're now implementing those changes. Include any key technologies and features.

How many resources from the vendor's team worked with you, and what were their positions?

We worked directly with a project manager and the candidate who was chosen after the interview.

RESULTS & FEEDBACK

Can you share any outcomes from the project that demonstrate progress or success?

The expert found several vulnerabilities, offered the solution and help to fix them. Several Medium vulnerabilities possessed huge risk and could lead to major data leak but thanks to the testing they were found and eliminated. HIPAA certification was obtained successfully. Consulting, vulnerability assessment and assistance in creating and updating policies made the process of obtaining the certification rapid and smooth.

How effective was the workflow between your team and theirs?

Regular weekly calls and online meets in a bundle with chats helped to stay inform 24/7. If we needed any information we could get it in seconds. Accourding to our agreement the expert informed the security team immideately.

What did you find most impressive or unique about this company?

Their 24/7 help, assistance, and responses were impressive. Also they accept payment in cryptocurrency. We appreciate that they offered multiple alternative solutions to suit our budget. That way, we could better prioritize how we spent our money.

Are there any areas for improvement or something they could have done differently?

No

BACKGROUND

Please describe your company and your position there.

I'm the Head of software architecture in a media.

OPPORTUNITY / CHALLENGE

For what projects/services did your company hire Datami Cybersecurity?

We were looking for a cybersecurity company to perform penetration testing to our main websites as the cyberattacks have increasingly grown over the years.

SOLUTION

How did you select this vendor and what were the deciding factors?

After interviewing several cybersecurity companies we found that this vendor has the experience and the package that we were looking for. Including DDoS attacks in their package was a huge plus.

Describe the project in detail and walk through the stages of the project.

The vendor performed "black-box" attacks to our main 4 websites. These attacks included automatic and our company specific manual tests and also DDoS attacks. We got a detailed report after each website listing all our vulnerabilities together with descriptions and suggestions.

How many resources from the vendor's team worked with you, and what were their positions?

To our knowledge we have a project manager and a security tester, but supposedly there were more people working behind the scenes.

RESULTS & FEEDBACK

Can you share any outcomes from the project that demonstrate progress or success?

They were able to find vulnerabilities that were specific to our websites, not only generic "nice-to-have" fixes that wouldn't change too much.

How effective was the workflow between your team and theirs?

Their Project manager was always available to answer any questions and updated us about the progress.

What did you find most impressive or unique about this company?

We appreciate the vendor is re-running tests for the vulnerabilities found to make sure we have removed them.

Are there any areas for improvement or something they could have done differently?

Everything was done as we expected and they were willing to adapt to our needs.

BACKGROUND

Please describe your company and your position there.

I'm a marketer at Red Jumpers. Red Jumpers is a partner agency for young IT companies. Red Jumpers provides a team game for young IT companies for the rapid growth of a new generation of European business

OPPORTUNITY / CHALLENGE

For what projects/services did your company hire Datami?

We were looking for highly qualified cybersecurity expert who would take part in evaluating the security posture of the cloent`s website and network. The person had to have several years of experience in Penetration Testing. 

Amoung the requirements was an ability to comply with standarts and provide services promptly. 

SOLUTION

How did you select Datami and what were the deciding factors?

We searched online for cybersecurity firms which provided outstaffing services. Datami was one of the few companies that could combine security services, outstaff, guality and flexibility. 

Language criteria also played sagnificant role, we needed expert who was fluend in English, Ukrainian and Russian in order to integrate in the customer`s team.

Describe the project in detail and walk through the stages of the project.

Datami`s expert joined the security team of the customer. New approach and excellent ideas on how to boost security were offered to the team and soon after were implemented in the system.  Specialist also conducted pentest and security assessment of the internal network, this helped to uncover critical vulnerabilities. After testing he generating a report with executive summary, risk level of each vulnerability and recommendations on how to fix them.

He also consulted the security team on HIPAA certification and assisted in obtaining the HIPAA certificate.  

How many resources from the Datami team worked with you, and what were their positions?

We worked directly with a project manager and the candidate who was chosen after the interview. 

RESULTS & FEEDBACK

Can you share any outcomes from the project that demonstrate progress or success?

The expert found several vulnerabilities, offered the solution and help to fix them. Several Medium vulnerabilities possessed huge risk and could lead to major data leak but thanks to the testing they were found and eliminated. 

HIPAA certification was obtained successfully. Consulting, vulnerability assessment and assistance in creating and updating policies made the process of obtainig the sertification rapid and smooth.

How effective was the workflow between your team and theirs?

Regular weekly calls and online meets in a bundle with chats helped to stay inform 24/7. If we needed any information we could get it in seconds. Accourding to our agreement the expert informed the security team immideately. Professional communication and prompt answers. All deadlines were meet, some of the even earlier. Before establishing cooperation we agreed on informing if there is a chance of any delay.

What did you find most impressive or unique about this company?

The company feature we've found the most interesting are 24/7 help, assistance, and response. Also they accept payment in cryptocurrency.

Are there any areas for improvement or something they could have done differently?
Some of the testing took longer than we expected, but their in-depth process paid off in the end.

BACKGROUND

Please describe your company and your position there.

I'm a CISO of a bio-mechanical startup that provides web-based SaaS fitness/medical solution.

OPPORTUNITY / CHALLENGE

For what projects/services did your company hire Datami?

We were looking for a cybersecurity company to perform security audit of our SaaS platform, perform penetration testing, collect list of vulnerabilities to improve the security posture of our product.

SOLUTION

How did you select Datami and what were the deciding factors?

We chose this service vendor based on a recommendation from the trusted source.

Describe the project in detail and walk through the stages of the project.

They performed thorough security audit of our web-based SaaS platform, ran penetration tests, detected security risks and provided the report with recommendations on mitigating the mentioned risks. We implemented changes as recommended, and additionally ordered implementation of custom penetration testing suite for our product, to conduct penetration testing internally.

Datami did a great job implementing custom penetration testing package for us.

How many resources from the Datami team worked with you, and what were their positions?

We had a project manager and 2 DevSecOps

RESULTS & FEEDBACK

Can you share any outcomes from the project that demonstrate progress or success?

Datami did a great job detecting security vulnerabilities in our SaaS platform. Based on their recommendations, we were able to significantly improve our security posture. Thanks to Datami, we now have a penetration testing solution that we can run internally on a regular basis to ensure the security of our application.

How effective was the workflow between your team and theirs?

They managed our engagement very professionally: with regular meetings, status updates, clear understanding of our requirements, and meeting our deadlines.

What did you find most impressive or unique about this company?

We appreciated their ability to provide a solution that brought value since the first day of our relationship. This is the most important for the success of our business.

Are there any areas for improvement or something they could have done differently?

We did not have any negative experience working with Datami.

BACKGROUND

Please describe your company and your position there.

I'm founder at Andromeda Systems. We are solution provider in mobile/web development, RPA & AI Services.

OPPORTUNITY / CHALLENGE

For what projects/services did your company hire Datami?

We needed to pentest the app and during the pentest, they conducted reverse engineering and dynamic and static testing of the app. Datami team helped us to pinpoint the weaknesses in our project.

SOLUTION

How did you select this vendor and what were the deciding factors?

By recommendation of our partners.

Describe the project in detail and walk through the stages of the project.

They had an IPO file of the app and all necessary data concerning the project.

How many resources from the vendor's team worked with you, and what were their positions?

I communicated with Wlad, the Datami project manager. Their app tester Rostyslav conducted all the necessary scannings and testings. Rostyslav is a highly skilled expert in this field and we were satisfied with his work.

RESULTS & FEEDBACK

Can you share any outcomes from the project that demonstrate progress or success?

The confidential report that Datami provided was consistent and contained all the information we needed. Moreover, it included recommendations and alternative solutions to our problem.

How effective was the workflow between your team and theirs?

Their PM was helping us every time. Wlad answered all our questions immediately and offered solutions. We were happy to work with a professional like Wlad.

What did you find most impressive or unique about this company?

They met all the deadlines and the results were amazing. Their testing and management skills were on the highest level.

Are there any areas for improvement or something they could have done differently?

Our cooperation was effective and I would recommend, to potential Clients creating a meeting with your company`s tech experts and Datami team. Your experts will explain task and their professionals will deliver a solutions.

BACKGROUND

Introduce your business and what you do there? 

I’m the head of sales in the fintech unit of S-PRO, a SaaS and consulting company.

OPPORTUNITY / CHALLENGE

What challenge were you trying to address with Datami?

We needed their expertise in security infrastructure and engineering.

SOLUTION

What was the scope of their involvement?

Datami handles our client projects that center on security infrastructure, services, and engineering. We provide their team with the project scope and requirements, and they examine the scope thoroughly and seek clarification when needed. Once they plot the deliverables and identify their technology stack, Datami then presents the solutions to our team.

What is the team composition? 

We work with five resources from Datami, including their CEO and project manager.

How did you come to work with Datami?

They were recommended to us.

How much have you invested with them?

We've spent between $25,000–$50,000 so far.

What is the status of this engagement?

Our ongoing engagement started in January 2019.

RESULTS & FEEDBACK

What evidence can you share that demonstrates the impact of the engagement?

Datami works like our extension of our internal team, enabling a smooth exchange of feedback and a satisfactory flow of ideas. They've helped eliminate cyberattacks on our clients' websites and deployed robust security solutions to prevent such issues from recurring. Overall, we're pleased with how they help us handle projects to achieve our milestones.

How did Datami perform from a project management perspective?

I can't say enough great things about Datami's project management skills. They have a self-starter and communicative approach, and they're keen on meeting all our deadlines.

What did you find most impressive about them?

Datami is a highly adaptable and optimistic team — they never shy away from obstacles.

Are there any areas they could improve?

We can benefit from refined interpersonal skills.

Do you have any advice for potential customers?

Don't hesitate to hire Datami. You won't regret entrusting your needs to their team.

BACKGROUND

Introduce your business and what you do there.

I’m the CTO of a B2B SaaS platform that helps businesses with strategic decision-making. Our software uses machine learning (ML) technology and decision science best practices to help clients make difficult strategic decisions. We help them achieve faster and more accurate results. Our team also plans features for feedback loops. That way, our clients’ decision-making process keeps getting better by using our platform. 

OPPORTUNITY / CHALLENGE

What challenge were you trying to address with Datami?

We needed to evaluate our security and go through penetration testing using a neutral third-party vendor. We contracted Datami to test our systems, and we used their report for our SOC 2 audit. 

SOLUTION

What was the scope of their involvement?

When we first talked to Datami, we only wanted to do a black box test, where we didn’t give them any insights into how the application functions from the inside. Our team simply told them the endpoints of the software, and they gave us a rough outline of what they were going to do without giving away too many details.

Internally, I challenged my software team to find as many problems in the software as possible. That way, Datami wouldn’t find too many issues. Meanwhile, Datami put a system in place where if they found anything critical, they could alert us right away and we could address it immediately. 

After finishing a range of tests, they gave us an initial report of what they found, ranking the severity of every item. They gave us time to address the issues, then Datami did a retest of the system to make sure everything was resolved satisfactorily.

What is the team composition?

I worked with Wlad (Project Manager) and Alex (Managing Owner); I had the most interactions with them. A couple of engineers were in our chat channel, but they mainly communicated with Wlad, who served as the spokesperson for their side. 

How did you come to work with Datami?

I found Datami on LinkedIn. At that time, I was also looking into two other vendors. I asked the three of them to bid for this project and evaluated them based on price, perceived competence, and sample report quality. I was looking as for whether they’d be a good long-term partner for our company. 

Datami wasn’t rated the highest in everything on our list, but they had a great price point and the team seemed to be technically good. On top of that, the areas in which they weren’t the best ranked (fancy reports) didn’t matter to us so much. We cared about the actual technical competence within the report and not how the PowerPoint presentation would look. 

In the end, we went with Datami. We felt that they could provide us with the best value in terms of money. We wanted a team that was heavy on engineers but not on business people, and Datami fit the bill. 

How much have you invested with them?

We spent around $5,000. 

What is the status of this engagement?

Our engagement lasted from August–October 2021.

RESULTS & FEEDBACK

What evidence can you share that demonstrates the impact of the engagement? 

We passed our SOC 2 audit, which was the biggest success metric we had. On top of that, we also identified a couple of issues in our security system. Datami called our attention to these issues, so we were able to make our web app more secure. 

How did Datami perform from a project management standpoint?

Datami did a decent job in terms of project management. They were fairly responsive whenever I had a question. There weren’t too many aspects to it; we basically put together a deal and set a schedule for the pentesting and reporting. They communicated with us promptly if they found anything critical and delivered the report. Their team did fine in all those aspects.

What did you find most impressive about them?

What distinguished Datami from other companies was their no fluff, all buff approach. They were a group of committed and hardworking security engineers. Overall, their value was great. The same services would cost 2–3 times more if we had gotten them from other companies. 

Are there any areas they could improve?

Datami’s report could look a bit better in terms of layout and fonts. However, as far as the actual work was concerned, they did a great job; everything was coherent and made sense — we were truly happy.

Do you have any advice for potential customers?

Whenever undergoing a security penetration test, it’s always good to self-test first. The more issues you find and fix before you engage a company like Datami, the more they can focus on non-obvious issues. 

BACKGROUND

Please describe your company and your position there.

Our game is based on play2earn principles and belongs to MMORPG. Owning land, completing missions in the game will generate income that can be spent on improvements within the game and, of course, traded on DEX. Making money by playing in the modern world is not just a dream, but a very real opportunity. The game takes place in a fantasy world where every participant who owns a plot of the Land can feel like the ruler of the city. For players without Lands, the fate of mercenaries is proposed. Heroes will be able to complete tasks for a fee. All actions are performed in real time and include interactions between players, both friendly and hostile.

OPPORTUNITY / CHALLENGE

For what projects/services did your company hire Datami Cybersecurity?

I needed the security audit for two smart contracts

SOLUTION

How did you select this vendor and what were the deciding factors?

The auditor performed the audit and give me the comprehensive report

Describe the project in detail and walk through the stages of the project.

I gave to auditor my github repository at https://github.com/srg777/woccontracts they made all necessary tests and prepare report we discussed all issues, I have make changes and they reviewed contrants again

How many resources from the vendor's team worked with you, and what were their positions?

I have contacted to at least three persons, but I don't know how many were involved in project

RESULTS & FEEDBACK

Can you share any outcomes from the project that demonstrate progress or success?

https://warofcontinents.online/2022/07/30/security-audit-of-two-smart-c…

How effective was the workflow between your team and theirs?

I was totally satisfied

What did you find most impressive or unique about this company?

They worked pretty fast, and I liked it.

Are there any areas for improvement or something they could have done differently?

no, everything fine

BACKGROUND

Please describe your company and your position there.

I`m the owner of IT consulting company, providing assurance and advice in risk, information technology management and information security management systems for banks and enterprises since 1999.

OPPORTUNITY / CHALLENGE

For what projects/services did your company hire Datami?

We hired Datami as external experts to perform a penetration test of IT infrastructure within ISMS audit of a bank.

SOLUTION

How did you select this vendor and what were the deciding factors?

We communicated with the professional cybersecurity community, assessed the availability of services providers in the required time frame, did a background check on the provider, and included selected representatives in the audit team for the project.

Describe the project in detail and walk through the stages of the project.

They took part in planning a white-box penetration test, performed the test, and provided the report.

How many resources from the vendor's team worked with you, and what were their positions?

We had a project manager and two analysts.

RESULTS & FEEDBACK

Can you share any outcomes from the project that demonstrate progress or success?

Few vulnerabilities in the online services of the bank, discovered within pentest, were mitigated. Details are under NDA.

How effective was the workflow between your team and theirs?

The communication was consistent and timely. Testing activities happened at the planned time and way. The overall workflow within the project was smooth.

What did you find most impressive or unique about this company?

We appreciate, that they take accountability for their actions in infrastructure.

Are there any areas for improvement or something they could have done differently?

Datami performance within the project was perfect.