We stop cyber attacks and prevent data breaches

We at UD are dedicated to supporting organizations around the world in planning, building, managing, and running successful security operations, IS  programs, meeting and maintaining compliance regulations and exceeding organizations abilities to run their businesses securely and confidently.   

UD team of talented and professional cybersecurity experts partner with enterprise-class organizations to provide a full package of Cyber Security engineering services and solutions including Experts, Security Assessments, Compliance audits, Product Advisory Services, Threat and Vulnerability Management, Incident Detection & Response, Network & Security architecture, implementation, and much more.

We don’t just do; we think, innovate, and create new security capabilities to combat tomorrow’s threats today.

 
$5,000+
 
$50 - $99 / hr
 
50 - 249
 Founded
2016
Show all +
New York, NY
headquarters
  • 111 John Str Suite 420
    New York, NY 10038
    United States
other locations
  • United States

Portfolio

Key clients: 
Small and Medium Businesses Telecom, Gaming, Fintech, Technology companies, Security Vendors like McAffee, MSSPs

Director of Google Security about CyberSecurity and UnderDefense team     

CISO answers - Interview with iGaming CIO

In this interview Matthew Sciberras shares his insights on accomplishing cybersecurity challenges, detecting and blocking attacks, people hiring and management, security and compliance in iGaming and the value Security Operations bring to the company.


He works for one of the largest companies within the European iGaming industry with 20+ brands offering Casino, Sportsbook and other Games.

Threat and Fraud detection in #1 National Telecom  Image

Threat and Fraud detection in #1 National Telecom

Client: #1 National Telecommunications and Internet Technologies provider.


View all case study at https://underdefense.com/web-application-penetration-testing/


Technical Challenge: We had to monitor 600,000,000 historical unstructured old data and 2,000,000 events per day.


/>

Business Challenge: We had to provide an assurance to telecom’s clients on security and controls protecting the privacy and confidentiality of users’ data. Processing integrity of the systems that generate their customers ability to connect to the global world.


Solution: Splunk helped us to investigate the situation in order to detect deceivers and avoid company fraud.


Result: After detecting the fraudulent activity with Splunk, the company saved $1,08M in loses. Around 300 insider fraudsters were fired and corporate data leakage was prevented saving clients’ data and privacy.

Keeping cyber crime in secret | Stories by ISACA Board Member "Radar" Riley Image

Keeping cyber crime in secret | Stories by ISACA Board Member "Radar" Riley

Watch the whole video at YT https://www.youtube.com/watch?v=kuN9Q7OKjIk


The interview focuses on the cyber threats current situation of educational and oil&gas industries in general and particularly at Houston, vendor management issues and mindset of acting proactively to cyberthreats and fraud.


"Radar" Riley is a

Security Expert, experienced Manager of Information Security, Security and Compliance with an NYSE listed multinational Oil & Gas conglomerate. Also, he is a Board Member of ISACA, an Advisory Board of Houston Community College and many more honoring titles.


His approach teaches how to avoid cybersecurity troubles in your company and establish an armour from cyber fraud and crime in your business environment!

Web Application Penetration testing for Marketing Service Firm Image

Web Application Penetration testing for Marketing Service Firm

View case study at https://underdefense.com/web-application-penetration-testing/


Client: International Marketing Service Firm


Challenge: Client data security and Compliance requirements from a very prominent customer were a initial stimul to conduct Application Security testing and build a solid

Security Assurance process to mitigate similar issues in the future


Solution: This Comprehensive Security Assessment allowed our client to strengthen weak spots in their Web Application Security


Result: Overall security posture was improved after remediation from grade F (Inadequate) to A (Excellent) following recommendations provided in our Penetration Testing Report

Reviews

Sort by

Digital Security Testing for Oil & Gas firm

"We had communication every day, including weekly retrospectives, planning meetings, and office visits."

Quality: 
5.0
Schedule: 
5.0
Cost: 
5.0
Willing to refer: 
5.0
The Project
 
$10,000 to $49,999
 
Aug. - Sept. 2019
Project summary: 

UnderDefense performed analysis and audit on the website and mobile app security of an oil and gas provider. They also provided security training and solutions for the problems discovered.

The Reviewer
 
5,001-10,000 Employees
 
Lviv, Ukraine
Roman Stefanyshyn
Information Security Officer, OKKO Group
 
Verified
The Review
Feedback summary: 

The project was highly successful, finding and eliminating security threats in digital infrastructure and saving the company over $10,000 in potential customer loss from violations. The UnderDefense team went above and beyond their scope, ensuring their client could also prevent future violations.

The client submitted this review online.

BACKGROUND

Please describe your company and your position there.

I am a Roman Stefanyshyn information security officer in OKKO Group. Our company has one of the biggest shares at the national market of Oil&Gas branded filling complexes. Our specialty is the retail of automotive fuels, products and restaurants as complimentary products to make the experience of our customers amazing.

OPPORTUNITY / CHALLENGE

For what projects/services did your company hire UnderDefense?

We hired UnderDefense to check our Mobile iOS and Android Applications for vulnerabilities and weak spots. The revealed flaws were used to formulate recommendations and build the strategy of strengthening our security posture

What were your goals for this project?

Mobile penetration testing was the first step in our engagement. Also, we plan to check our Infrastructure and business Web Application for possible flaws. These precautionary measures were essential to eliminate risks of unauthorized access and receiving confidential and financial information by adversaries.

SOLUTION

How did you select this vendor?

We heard good references about their work.

Describe the project in detail.

UnderDefense security experts followed OWASP Mobile Application Security Verification Standard. Their team closely cooperated with our internal development and security teams. We started with mapping all stages of our engagement divided into a few blocks.

Each day we received updates on detected vulnerabilities. During our weekly retrospectives, we worked on improving our workflow to get maximum results. Also, our project required onsite visits to check the special functionality of QR codes service for our clients.

Most of the work was done remotely and onsite visits were needed to deliver findings to our C-level team and repeatedly check a particular functionality in real-time. The last touchpoint of our involvement was the findings report delivery and working with our internal team by mentoring how to mitigate found gaps.

What was the team composition?

2 pentesters, 4 weeks

RESULTS & FEEDBACK

Can you share any outcomes from the project that demonstrate progress or success?

The critical marker of received results are the money. We were able to save almost ten thousand dollars. After penetration testing chances of stealing clients’ money from banking cards have sufficiently diminished.

How effective was the workflow between your team and theirs?

We had communication every day, weekly retrospectives, planning meetings and office visits. UnderDefense has not only found security gaps in our Mobile App, but also helped our internal team understand and close them.

What did you find most impressive about this company?

They went beyond the scope of a regular penetration test as additionally executed trainings on security topics covering SOC, SDLC, and Vulnerability management topics. Also, we received two types of reports: a report with findings and recommendations on how to solve found vulnerabilities and a C-level report with a summary of critical findings.

Are there any areas for improvement?

We plan a long-term cooperation.

5.0
Overall Score We really liked to work with them.
  • 5.0 Scheduling
    ON TIME / DEADLINES
    Everything was delivered according to time frames
  • 5.0 Cost
    Value / within estimates
    They over-exceeded our expectations by delivering more than we had in scope.
  • 5.0 Quality
    Service & deliverables
    They are great professionals in cybersecurity.
  • 5.0 NPS
    Willing to refer
    They delivered an excellent service and we are willing to recommend them

Security Monitoring for Healthcare Provider

"In the end, the company convinced us with its quality, flexibility and proximity."

Quality: 
5.0
Schedule: 
5.0
Cost: 
4.5
Willing to refer: 
5.0
The Project
 
$50,000 to $199,999
 
Feb. - Sept. 2019
Project summary: 

UnderDefense provided high-level malware analysis for a third-party healthcare provider, delivering rapid determinations of proper responses to potentially malicious programs interacting with the website.

The Reviewer
 
201-500 Employees
 
Frankfurt (Germany)
Director, Software Vendor
 
Verified
The Review
Feedback summary: 

The security of the website measurably increased as a result of the service UnderDefense provided. Their response rate increased the website's overall reaction times and satisfied all the client's needs with their strong work, reliability, and adaptability.

The client submitted this review online.

BACKGROUND

Please describe your company and your position there.

I'm the Technical Director Security & Strategic Alliances at a software vendor headquartered in Frankfurt (Germany). Our company has about 400 employees and we serve corporate clients all over the world.

OPPORTUNITY / CHALLENGE

For what projects/services did your company hire UnderDefense?

Our customer (a healthcare provider) had the demand that malware finds be processed promptly by an external SOC team on the basis of our Automated Endpoint Security. An own SOC team could not be provided by the customer. The huge number of malware infections had to be handled in the large IT infrastructure.

What were your goals for this project?

The response times for malware infestation had to be increased. Potentially unwanted applications had to be evaluated and whitelisted or blocked.

SOLUTION

How did you select this vendor?

We've looked at different vendors. Through a contact at the security fair RSA in San Francisco we got to know underdefense. Also with our cooperation partners underdefense is well-known. In the end, the company convinced us with its quality, flexibility and proximity.

Describe the project in detail.

First, the current infrastructure and situation were reviewed. Then the corresponding service levels were determined. After an introductory phase with highly qualified employees, the project was supported by additional employees. Regular reporting and coordination took place. When alerts arose, immediate consultation was held and measures initiated.

What was the team composition?

The customer was supported by our project managers, product managers, support staff and the support of malware analysts from underdefense.

RESULTS & FEEDBACK

Can you share any outcomes from the project that demonstrate progress or success?

The number of events could be processed very quickly. The security of the company was increased thanks to our solution and the technical support of underdefense. Customer satisfaction is guaranteed.

How effective was the workflow between your team and theirs?

Regular reporting and coordination took place. When alerts arose, immediate consultation was held and measures initiated.

What did you find most impressive about this company?

In the end, the company convinced us with its quality, flexibility and proximity.

Are there any areas for improvement?

We are very satisfied

5.0
Overall Score We would like to expand our cooperation for further projects as well
  • 5.0 Scheduling
    ON TIME / DEADLINES
    Nothing to complain about
  • 4.5 Cost
    Value / within estimates
    The costs are fair
  • 5.0 Quality
    Service & deliverables
    Nothing to complain about
  • 5.0 NPS
    Willing to refer
    We would like to expand our cooperation for further projects as well

App Penetration Test for SaaS Company

"We are very pleased with the results of the evaluation."

Quality: 
5.0
Schedule: 
5.0
Cost: 
5.0
Willing to refer: 
5.0
The Project
 
Less than $10,000
 
Jan. - Apr. 2019
Project summary: 

UnderDefense delivered a security status report for a web application following penetration testing and a three-week assessment period.

The Reviewer
 
51-200 Employees
 
Eugene, Oregon
Shad Stafford
Vice President, Engineering, Palo Alto Software
 
Verified
The Review
Feedback summary: 

The report was impactful and clearly written. UnderDefense communicated effectively; neither the language nor time difference was a barrier to the successful partnership. The deliverables were affordable and high quality.

The client submitted this review online.

BACKGROUND

Please describe your company and your position there.

I'm the VP of Engineering at Palo Alto Software, a 100-person software company with multiple SaaS products.

OPPORTUNITY / CHALLENGE

For what projects/services did your company hire UnderDefense?

As part of operating a business email service, we hired UnderDefense to test our application's security. It is important that our customer's data is secure and that our application protects them from malicious behavior. We have some internal security knowledge but knew that we needed an expert team to do a comprehensive evaluation of our software.

What were your goals for this project?

Our primary goal was to establish that our application met baseline security requirements, and to have a clear remediation plan for cases where it didn't.

SOLUTION

How did you select this vendor?

UnderDefense discovered a vulnerability in our application and made a responsible disclosure to us. We were already in the market to hire a penetration testing firm, and our positive interaction with UnderDefense along with their competitive pricing helped us to select them.

Describe the project in detail.

The project entailed external perimeter penetration testing and "grey box" web application penetration testing. We had several conference calls to establish the scope of work and outline our internal assets, followed by a three-week evaluation. The result of the project was a detailed report with a general grade of our security status and a list of discovered security vulnerabilities with detailed reproduction steps.

What was the team composition?

UnderDefense provided two security consultants along with project management. I was the only person involved on my side of the project.

RESULTS & FEEDBACK

Can you share any outcomes from the project that demonstrate progress or success?

We are very pleased with the results of the evaluation. UnderDefense completed a thorough investigation and presented a polished report that was informative and easy to read.

How effective was the workflow between your team and theirs?

Despite being in very different time zones, communication was fairly straight-forward. We mostly communicated via conference call and a shared Slack channel. I was a little nervous about potential language barrier issues, but that was not a problem at all.

What did you find most impressive about this company?

I don't know that there was any one thing that stood out about them. They did quality professional work, at a reasonable price.

Are there any areas for improvement?

They could have provided more progress reports during the evaluation, but given the short duration of the project, it wasn't necessary.

5.0
Overall Score I had a very positive experience with them.
  • 5.0 Scheduling
    ON TIME / DEADLINES
    They were able to work us into their schedule quickly and were very flexible about timing.
  • 5.0 Cost
    Value / within estimates
    They were less expensive than competitors that we evaluated.
  • 5.0 Quality
    Service & deliverables
    I have experience with two other penetration testing firms and UnderDefense provided superior results to what I've previously seen.
  • 5.0 NPS
    Willing to refer

Cyber Security for Marketing Firm

"UnderDefense is that they became more of a partner than a vendor."

Quality: 
5.0
Schedule: 
5.0
Cost: 
4.5
Willing to refer: 
5.0
The Project
 
$50,000 to $199,999
 
Mar. 2019 - Ongoing
Project summary: 

UnderDefense provided cybersecurity development and consulting services, working on improving a CRM system’s data protection. They moved the system from a shared-server platform to a private AWS infrastructure.

The Reviewer
 
1 - 10 Employees
 
Mount Laurel, New Jersey
Margaret Audet
President, Market Access Direct, LLC
 
Verified
The Review
Feedback summary: 

UnderDefense was able to execute the cybersecurity improvements in a very short timeframe, ensuring the platform could pass ongoing penetration testing within a number of weeks. They are collaborative, helpful, and extremely dedicated, working round the clock to meet the project requirements.

A Clutch analyst personally interviewed this client over the phone. Below is an edited transcript.

BACKGROUND

Introduce your business and what you do there.

I’m the owner and system director of Market Access Direct, a marketing, consulting, and lead generation company. We focus on senior market products such as Medicare supplements or final expense insurance.

OPPORTUNITY / CHALLENGE

What challenge were you trying to address with UnderDefense?

We were trying to address our security. Our CRM’s security requirements needed to reflect the policy-holder data and personally-identifying information (PII) in it. We started looking for cybersecurity help when we realized our existing process was insufficient.

SOLUTION

What was the scope of their involvement?

They took us from a shared-server platform to a private AWS infrastructure. They created a roadmap for us, so we knew where our data resided, how it was accessed, and how it was treated and protected. Everything needed to be addressed and put into the roadmap, and we had a very short time to get this done.

One of the invaluable consulting services UnderDefense gave us was walking us through the different areas where we needed security. I had done some research, then they drew us a picture of how we’d access the data, encryption, vulnerabilities, and solution.

What is the team composition?

We worked with 5–6 people from their team.

How did you come to work with UnderDefense?

I went through all the vendors listed on Clutch and got quotes, then Victoria (Cybersecurity Strategic Partnerships & Business Development, UnderDefense) called us that very night to say she would take our project to her CEO. Within three hours, I was contacted by someone who said they could help us. I explained the timeline and highlighted the fact that we couldn’t change it even though it was extremely tight.

Nazar (CEO, UnderDefense) called us the next night. He had a consultative approach and took time to educate us before we picked them. I’m based outside Philadelphia, and he took the time to come to our location, going above and beyond to help our decision. It was comforting, as we were in trouble with our cybersecurity.

How much have you invested with them?

For the first phase, we’re now at $25,000. Going forward, they’re going to reperform penetration vulnerability testing every 4–6 weeks over the next year. There will be a monthly spend of $10,000–$20,000 for the foreseeable future.

What is the status of this engagement?

We started working with UnderDefense in March 2019, and our collaboration is ongoing. Within three weeks, they had the platform up and running.

RESULTS & FEEDBACK

What evidence can you share that demonstrates the impact of the engagement?

We wouldn’t have passed any testing before, then two and a half weeks in, the vulnerability testing was looking really good, and the penetration testing identified a couple of things to work on. Now, I feel we’re free and clear.

UnderDefense rapidly organized a team that understood the code we were moving and how the system needed to be accessed by multiple users. They acted on the roadmap in such a way to not disturb our workforce, frequently working at night. We threw them some curveballs, and they handled them nicely.

How did UnderDefense perform from a project management standpoint?

I’m very pleased. We normally communicate over phone and email.

What did you find most impressive about them?

UnderDefense is that they became more of a partner than a vendor. We had two other companies tell us that our requirements weren’t acceptable, but UnderDefense put together a problem-solving team that figured it out. Both sets of people—on our side and theirs—did their own research, reconvened, talked through different solutions, and then deployed one. It was quite collaborative.

I’m also now very familiar with what a virtual CIO is. In a very short period of time, UnderDefense explained it to us and put solutions in place. We have a higher standard of actually participating with our clients, in terms of protecting their data.

Are there any areas they could improve?

No. I expected there to be some time-zone or language issues, but there weren’t. Their project manager was in New York, so we had face-to-face brainstorming meetings. I would highly recommend them.

Do you have any advice for future clients of theirs?

It’s easy to make a list of services to buy and think we know best, but this was new territory for me. UnderDefense proposed the best solutions for me and are exactly the kind of partner I’d choose.

5.0
Overall Score They were exactly what we needed and did exactly what we asked for.
  • 5.0 Scheduling
    ON TIME / DEADLINES
    They worked through the night to deliver all our projects, and they met our timelines.
  • 4.5 Cost
    Value / within estimates
    They were comparable to the other companies we talked to.
  • 5.0 Quality
    Service & deliverables
    We received a quality output within very tight timelines.
  • 5.0 NPS
    Willing to refer
    They were reliable, and we trusted the work they did.

Security Operations Center for Gaming Operator

"UnderDefense has been very loyal and a great group to work with."

Quality: 
4.5
Schedule: 
5.0
Cost: 
5.0
Willing to refer: 
5.0
The Project
 
$50,000 to $199,999
 
Jan. 2019 - Ongoing
Project summary: 

UnderDefense implemented a security operations center (SOC) for a casino and gaming operator. Deliverables included several use cases and the development of incident response and service management procedures.

The Reviewer
 
1,001-5,000 Employees
 
Malta
Matthew Sciberras
Director of Information Security, Betsson Group
 
Verified
The Review
Feedback summary: 

UnderDefense successfully launched the SOC within the specified timeline. The team draws from an exhaustive understanding of the InfoSec space to ensure practical and thorough policies. The firm is organized and personable, making for a hassle-free engagement.

The client submitted this review online.

BACKGROUND

Please describe your company and your position there.

I am the director of information security at Betsson Group. We offer casino, sportsbook and other games via gaming licenses in 11 countries in Europe and Central Asia.

OPPORTUNITY / CHALLENGE

For what projects/services did your company hire UnderDefense?

We engaged UnderDefense to serve as the team in our security operations center (SOC). Their purpose is to monitor our production data in real time.

What were your goals for this project?

We had an aggressive timeline in that we wanted to launch very quickly. We needed a partner that could offer high value at a reasonable price and feature an extensive knowledge of the InfoSec space. 

SOLUTION

How did you select this vendor?

We received seven proposals in response to our request for tenders. We selected UnderDefense because they met most of our stated requirements.

Describe the project in detail.

We held several discovery meetings with UnderDefense so that they could understand how we operate. They have visited each of our locations to learn about nuanced scenarios and build relationships with staff. The UnderDefense team developed several use cases that we approved, and they managed to meet our specified launch date of April 1, 2019.

RESULTS & FEEDBACK

Can you share any outcomes from the project that demonstrate progress or success?

Within three months, UnderDefense defined a great number of use cases, and we have a plan to stage two use cases using Splunk Enterprise Security. UnderDefense built incident response and service management procedures from the ground up and conducted tabletop testing to ensure we are hitting all of our requirements.

How effective was the workflow between your team and theirs?

We communicate through Slack and Jira to keep track of all of our projects. We also have a Kanban board arranged to see what is progressing, paused or completed.

What did you find most impressive about this company?

They capably developed our SOC within the timeline. UnderDefense has been very loyal and a great group to work with.

Are there any areas for improvement?

No, everything has gone well to this point.

5.0
Overall Score I'm a happy customer.
  • 5.0 Scheduling
    ON TIME / DEADLINES
    They have always been available.
  • 5.0 Cost
    Value / within estimates
    UnderDefense is very cost effective.
  • 4.5 Quality
    Service & deliverables
    They understand how to manage security operation centers.
  • 5.0 NPS
    Willing to refer
    I would definitely recommend them.

Ethical Hacking for Infrastructure Penetration Testing

“UnderDefense delivered our project on a high-quality level.”

Quality: 
5.0
Schedule: 
5.0
Cost: 
5.0
Willing to refer: 
5.0
The Project
 
Less than $10,000
 
Oct. 2018 - Dec. 2018
Project summary: 

UnderDefense provided professional infrastructure penetration testing. They assessed a software firm’s environment and detected vulnerabilities to monitor to keep the customer database secure.

The Reviewer
 
1,001-5,000 Employees
 
Kyiv, Ukraine
Aleksandr Maklakov
CIO , Kromtech
 
Verified
The Review
Feedback summary: 

UnderDefense performed a high-caliber investigation that yielded generative insight. They documented their useful findings in detail, clearly explained the takeaways, and even provided a free follow-up test. Transparent communication and quality service make them a reliable partner. 

The client submitted this review online.

BACKGROUND

Please describe your company and your position there.

I am a CIO of Kromtech. Our company provides international software and technology services on the global market.

OPPORTUNITY / CHALLENGE

For what projects/services did your company hire UnderDefense?

Our business required infrastructure penetration testing.

What were your goals for this project?

We wanted to test our environment to see whether an attacker would be able to access our database of customer information.
 

SOLUTION

How did you select this vendor?

We chose them based on our previous experience working together. 

Describe the project in detail.

UnderDefense’s team of ethical hackers investigated our system for three weeks. They detected a chain of vulnerabilities we needed to monitor. In a report we received at the end of the project, they indicated the flaws classified by level of severity. They provided extensive explanations of the specific degrees of risk.  

As a bonus, UnderDefense provided a free remediation penetration test to check how we should cover all of the gaps. We plan to continue working together on a more in-depth analysis of our company. Going forward, we’ll conduct an internal penetration test similar to our previous experience with UnderDefense.

What was the team composition?

The team included three ethical hackers.

RESULTS & FEEDBACK

Can you share any outcomes from the project that demonstrate progress or success?

We conducted this project to analyze our system for any loopholes a hacker may notice. UnderDefense's cybersecurity experts offered a professional view from which to tackle these problems. The penetration testing gave us valuable insights into the strong and weak points of our infrastructure.

How effective was the workflow between your team and theirs?

We are satisfied with the workflow between our companies. Since UnderDefense executed the project remotely, we communicated through calls and emails. The team kept us informed about the investigation’s progress and sent us their findings from each level of the security checks.

What did you find most impressive about this company?

We appreciate the clear communication our companies have established. UnderDefense delivered our project at a high-quality level.

Are there any areas for improvement?

We want to continue our collaboration in the near future.

4.5
Overall Score
  • 5.0 Scheduling
    ON TIME / DEADLINES
  • 5.0 Cost
    Value / within estimates
  • 5.0 Quality
    Service & deliverables
  • 5.0 NPS
    Willing to refer

Penetration Testing for IT Services Firm

"They are a very professional team and company."

Quality: 
5.0
Schedule: 
5.0
Cost: 
5.0
Willing to refer: 
5.0
The Project
 
Less than $10,000
 
Dec. 2018 - Dec. 2019
Project summary: 

To identify potential data leaks for an IT services firm, UnderDefense conducted penetration testing and password decryption testing. Once found, they provided security support to protect data further.

The Reviewer
 
11-50 Employees
 
London, UK
Security Expert, IT Services Firm
 
Verified
The Review
Feedback summary: 

UnderDefense not only reported the presence of possible data leaks, but they also helped to repair security measures to keep it secure. The team is responsive and honest, making them a valuable partner.

The client submitted this review online.

BACKGROUND

Please describe your company and your position there.

I am a security expert at an IT services firm.

OPPORTUNITY / CHALLENGE

For what projects/services did your company hire UnderDefense?

UnderDefense coordinated penetration testing and provided security support for our website to identify and solve potential data leaks.

What were your goals for this project?

We relied on UnderDefense to review the state of our safety measures and to check the strength of our passwords by simulating an attack.

SOLUTION

How did you select this vendor?

UnderDefense’s security specialists identified our potential data leak following an internet misconfiguration. The contacted us and informed us of their findings according to a responsible disclosure model.

Describe the project in detail.

UnderDefense identified and solved our potential data leaks. Afterward, we requested password decryption testing to simulate further outside attacks and measure the time necessary to access our data. We wanted to determine our risks and assess the potential damage we could face.

What was the team composition?

We worked with two security analysts.

RESULTS & FEEDBACK

Can you share any outcomes from the project that demonstrate progress or success?

UnderDefense supported us in our efforts to secure our website and ensure that we have data stored in accordance with all regulations.

How effective was the workflow between your team and theirs?

UnderDefense’s team is communicative and highly responsive.

What did you find most impressive about this company?

They proved to be professional and trustworthy.

Are there any areas for improvement?

No, they did not underperform in any way.

5.0
Overall Score They are a very professional team and company.
  • 5.0 Scheduling
    ON TIME / DEADLINES
  • 5.0 Cost
    Value / within estimates
  • 5.0 Quality
    Service & deliverables
  • 5.0 NPS
    Willing to refer

Cybersecurity Assessment for Software Company

"Their team completed an excellent evaluation of our assets and provided valuable advice."

Quality: 
5.0
Schedule: 
5.0
Cost: 
5.0
Willing to refer: 
5.0
The Project
 
Less than $10,000
 
Aug. - Oct. 2018
Project summary: 

UnderDefense performed a full cybersecurity audit to ensure ISO 27001 compliance. The audit examined incident response, antivirus controls, and vulnerability management. 

The Reviewer
 
201-500 Employees
 
Scotch Plains, New Jersey
Pavlo Umanets
Director of Operations, CoreValue Services LLC
 
Verified
The Review
Feedback summary: 

The thorough, detailed audit prepared the company to eliminate vulnerabilities and seek ISO 27001 status. UnderDefence communicated clearly, made highly valuable suggestions, and delivered excellent results. Their deep cybersecurity knowledge enabled them to craft an individualized success plan. 

The client submitted this review online.

BACKGROUND

Please describe your company and your position there.

I'm the director of operations at CoreValue, which has over 350 employees. Based in the U.S. with development centers in Ukraine, we build software for enterprises in the U.S. and Western Europe. We also provide traditional cloud-based CRM implementation, and build mobile applications for the pharmatech, healthcare, and finance industries.

OPPORTUNITY / CHALLENGE

For what projects/services did your company hire UnderDefense?

We're planning to gain ISO 27001 status, so we needed an assessment from a reliable cybersecurity and ISO compliance partner. 

What were your goals for this project?

We wanted to complete an assessment, identify current gaps, plan a road map, and implement compliance practices in preparation for our ISO 27001 internal audit.

SOLUTION

How did you select this vendor?

A close friend gave me a referral. We'd heard that UnderDefense is a highly qualified, trusted cybersecurity company.

Describe the project in detail.

UnderDefense helped us establish the Information Security Management System and fulfill its requirements. The team prepared a comprehensive roadmap to rapidly eliminate nonconformities. They also offered detailed recommendations to achieve adherence.  

These controls included, but were not limited to, incident response, antivirus controls, vulnerability management, security awareness, asset management, password controls, and remote work controls.

What was the team composition?

They provided two security auditors.

RESULTS & FEEDBACK

Can you share any outcomes from the project that demonstrate progress or success?

UnderDefense provided a detailed ISO 27001 roadmap and described how to bolster our security posture. Their team completed an excellent evaluation of our assets and provided valuable advice for improving our security area.

How effective was the workflow between your team and theirs?

Throughout the setup, execution, and feedback phases, UnderDefense kept everyone in touch. This prevented miscommunication, confusion, and frustration.

What did you find most impressive about this company?

Through their strong technical expertise, along with the latest and best cybersecurity knowledge, they built a unique solution tailored to our needs.

Are there any areas for improvement?

No, everything was great.

5.0
Overall Score
  • 5.0 Scheduling
    ON TIME / DEADLINES
  • 5.0 Cost
    Value / within estimates
  • 5.0 Quality
    Service & deliverables
  • 5.0 NPS
    Willing to refer

Security Monitoring and Prevention for Product Retailer

"Working with UnderDefense is an educational experience."

Quality: 
5.0
Schedule: 
5.0
Cost: 
5.0
Willing to refer: 
5.0
The Project
 
Less than $10,000
 
Sept. 2018- Ongoing
Project summary: 

UnderDefense provides cybersecurity monitoring and performs preventative measures when they detect issues. They also dedicate their skills to solve infrastructure breaches.

The Reviewer
 
1-10 Employees
 
San Francisco
CTO, Product Retailer
 
Verified
The Review
Feedback summary: 

The security support provided by UnderDefense has led to identifying and solving potential data leakage threats. Their assistance has resulted in an informed, strengthened sense of security in protecting infrastructure. They are flexible and give guidance within this ongoing project.

The client submitted this review online.

BACKGROUND

Please describe your company and your position there.

I’m the CTO of a company offering behavioral technologies for parents’ challenges with their children. Our products instill structure and routine to provide children with organizational skills.

OPPORTUNITY / CHALLENGE

For what projects/services did your company hire UnderDefense?

We needed an audit on parts of our infrastructure, as well as security monitoring and prevention. We wanted to be educated about these security skills while the UnderDefense team implemented them.

What were your goals for this project?

We wanted to ensure that there was no data leakage in our infrastructure.

SOLUTION

How did you select this vendor?

UnderDefense approached us after they did research and provided a responsible disclosure on our vulnerabilities. 

Describe the project in detail.

We began the project with multiple meetings. The first was for UnderDefense to introduce their research and solutions. They also presented a framework for navigating issues. Within this first meeting, they identified a potential security issue. The second time we met was to confirm the plan and consider suggestions. They continue to improve and maintain our security.

What was the team composition?

We primarily worked with the founder and security consultant they provided.

RESULTS & FEEDBACK

Can you share any outcomes from the project that demonstrate progress or success?

After identifying the potential threat, UnderDefense successfully mitigated the issue. They provide ongoing security maintenance.

How effective was the workflow between your team and theirs?

They are great communicators; they have a clear, concise, effective style of interacting. Though we were working in different time zones, they managed to work with our schedule. We’ve been delighted with their service.

What did you find most impressive about this company?

Working with UnderDefense is an educational experience. They taught us the technical aspects and the processes related to cybersecurity.

5.0
Overall Score
  • 5.0 Scheduling
    ON TIME / DEADLINES
  • 5.0 Cost
    Value / within estimates
  • 5.0 Quality
    Service & deliverables
  • 5.0 NPS
    Willing to refer

Security Solutions Dev for Telecommunications Company

"UnderDefense knew exactly what to focus on in order to produce outcomes that were beneficial for our company."

Quality: 
5.0
Schedule: 
5.0
Cost: 
5.0
Willing to refer: 
5.0
The Project
 
Less than $10,000
 
Aug. - Sept. 2018
Project summary: 

UnderDefense developed an insider threat and fraud detection software solution.

The Reviewer
 
1,001-5,000 Employees
 
Kiev, Ukraine
Senior Information Security Officer, Telecommunications Company
 
Verified
The Review
Feedback summary: 

Receptive and attuned to the project's unique challenges and end states, UnderDefense quickly delivered a targeted, customized solution for ongoing data protection. The team fostered a collaborative environment through in-depth engagement and detailed explanations of cybersecurity operations.

The client submitted this review online.

BACKGROUND

Please describe your company and your position there.

I am the head of the information security department at a telecommunication company. A leader in B2B and B2C services, our company is the largest telecommunication organization in the country. 

OPPORTUNITY / CHALLENGE

For what projects/services did your company hire UnderDefense?

We hired UnderDefense to help us indentify insider threat and fraud.

What were your goals for this project?

Our goals were to establish maximum protection of our assets’ sensitive data and gain a better picture of the security and operational activity within our infrastructure.  

SOLUTION

How did you select this vendor?

We had been searching for the right security solutions and subsequent high-quality maintenance for awhile when a sales representative we worked with recommended UnderDefense. They were a knowledgeable, experienced cybersecurity provider with the right background in various security tools and systems. 

Describe the project in detail.

Both teams—ours and UnderDefense’s—first determined all the requirements necessary to complete the project quickly. In addition to explaining the behavior of our assets, they also created an anomaly detection model for future identification and response processes. 

What was the team composition?

Their team consisted of one security engineer and one lead security analyst. 

RESULTS & FEEDBACK

Can you share any outcomes from the project that demonstrate progress or success?

Our understanding of operational activity has increased dramatically.

How effective was the workflow between your team and theirs?

With their open and straightforward approach during the early stages, UnderDefense knew exactly what to focus on in order to produce outcomes that were beneficial for our company now and in the long term.

What did you find most impressive about this company?

UnderDefense impressed us with their honesty and transparency. Moreover, they didn't just rush to provide us with generic security services; they learned about our challenges and goals in order to better understand where they could best protect and support us. Their expertise met our expectations and addressed our issues entirely.  

Are there any areas for improvement?

There are absolutely no areas for improvement. This has been one of our greatest experiences working with a service provider. 

5.0
Overall Score They are one of the top boutique cybersecurity firms.
  • 5.0 Scheduling
    ON TIME / DEADLINES
    We successfully met all timelines and goals.
  • 5.0 Cost
    Value / within estimates
    They offer affordable pricing.
  • 5.0 Quality
    Service & deliverables
    We are satisfied with the team's professionalism.
  • 5.0 NPS
    Willing to refer
    We fully recommend this team of experts.