We stop cyber attacks and prevent data breaches

GOLD VERIFIED

We at UD are dedicated to supporting organizations around the world in planning, building, managing, and running successful security operations, IS  programs, meeting and maintaining compliance regulations and exceeding organizations abilities to run their businesses securely and confidently.   

UD team of talented and professional cybersecurity experts partner with enterprise-class organizations to provide a full package of Cyber Security engineering services and solutions including Experts, Security Assessments, Compliance audits, Product Advisory Services, Threat and Vulnerability Management, Incident Detection & Response, Network & Security architecture, implementation, and much more.

We don’t just do; we think, innovate, and create new security capabilities to combat tomorrow’s threats today.

 
$5,000+
 
$50 - $99 / hr
 
50 - 249
 Founded
2016
Show all +
New York, NY
headquarters
  • 111 John Str Suite 420
    New York, NY 10038
    United States
other locations
  • United States

Portfolio

Key clients: 
Small and medium businesses in Online Gaming, Telecom, FinTech, Technology companies
UnderDefense Security Operations Center Image

UnderDefense Security Operations Center

Here is our second SOC where our security specialists are monitoring clients' security 24/7! 

UnderDefense Security Operations Center is a 24x7x365 Cybersecurity Defense through managing the security of all your network devices, servers, and Cloud Infrastructure. Our professional cybersecurity experts assist organizations with anomaly and intrusion detection. 

We monitor the alerts that appear on

our dashboards and immediately respond to them - all to protect our customers from significant money loss caused by data breaches and battle cyberattacks. 
UnderDesense Security Operations Center (SOC) Image

UnderDesense Security Operations Center (SOC)

Here is one of our SOCs!

UnderDefense Security Operations Center is a 24x7x365 Cybersecurity Defense through managing the security of all your network devices, servers, and Cloud Infrastructure. Our professional cybersecurity experts assist organizations with anomaly and intrusion detection. 

We monitor the alerts that appear on our dashboards and immediately respond to them - all to protect

our customers from significant money loss caused by data breaches and battle cyberattacks. 
Retail Mobile Application Penetration Testing Image

Retail Mobile Application Penetration Testing

View case study at https://underdefense.com/wp-content/uploads/2020/03/Retail-Mobile-Application-Penetration-Testing-Case-Study.pdf

 

Client: Oil&Gas Company

Technical goals:

  • Test Mobile Application with initial access (unprivileged
user profile) from the attackers’ perspective
  • Detect and give recommendations on fixing security issues to protect sensitive data, users’ money and company reputation
  •  

    Business Goals:

    • Evaluate the current level of mobile application and platform security.
    • Identify gaps in current cybersecurity posture and check the IT environment for weaknesses.
    • Provide an accurate evaluation of the security level after the remediation phase.

     

    Solution: This Comprehensive Security Assessment allowed our client to strengthen weak spots in their Mobile Application Security.

     

    Result: Overall security posture was improved after remediation from grade D (Poor) to A (Excellent) following recommendations provided in our Penetration Testing Report. Saved customer's data from leakage. At the end, our client was able to meet the highest level of compliance and regulation standards.

    Director of Google Security about CyberSecurity and UnderDefense team     

    CISO answers - Interview with iGaming CIO

    In this interview Matthew Sciberras shares his insights on accomplishing cybersecurity challenges, detecting and blocking attacks, people hiring and management, security and compliance in iGaming and the value Security Operations bring to the company.


    He works for one of the largest companies within the European iGaming industry with 20+ brands offering Casino, Sportsbook and other Games.

    Threat and Fraud detection in #1 National Telecom  Image

    Threat and Fraud detection in #1 National Telecom

    Client: #1 National Telecommunications and Internet Technologies provider.


    View all case study at https://underdefense.com/web-application-penetration-testing/


    Technical Challenge: We had to monitor 600,000,000 historical unstructured old data and 2,000,000 events per day.


    Business Challenge: We had to provide an assurance to telecom’s clients on security and controls protecting the privacy and confidentiality of users’ data. Processing integrity of the systems that generate their customers ability to connect to the global world.


    Solution: Splunk helped us to investigate the situation in order to detect deceivers and avoid company fraud.


    Result: After detecting the fraudulent activity with Splunk, the company saved $1,08M in loses. Around 300 insider fraudsters were fired and corporate data leakage was prevented saving clients’ data and privacy.

    Keeping cyber crime in secret | Stories by ISACA Board Member "Radar" Riley Image

    Keeping cyber crime in secret | Stories by ISACA Board Member "Radar" Riley

    Watch the whole video at YT https://www.youtube.com/watch?v=kuN9Q7OKjIk


    The interview focuses on the cyber threats current situation of educational and oil&gas industries in general and particularly at Houston, vendor management issues and mindset of acting proactively to cyberthreats and fraud.


    "Radar" Riley is a

    Security Expert, experienced Manager of Information Security, Security and Compliance with an NYSE listed multinational Oil & Gas conglomerate. Also, he is a Board Member of ISACA, an Advisory Board of Houston Community College and many more honoring titles.


    His approach teaches how to avoid cybersecurity troubles in your company and establish an armour from cyber fraud and crime in your business environment!

    Web Application Penetration testing for Marketing Service Firm Image

    Web Application Penetration testing for Marketing Service Firm

    View case study at https://underdefense.com/web-application-penetration-testing/


    Client: International Marketing Service Firm


    Challenge: Client data security and Compliance requirements from a very prominent customer were a initial stimul to conduct Application Security testing and build a solid

    Security Assurance process to mitigate similar issues in the future


    Solution: This Comprehensive Security Assessment allowed our client to strengthen weak spots in their Web Application Security


    Result: Overall security posture was improved after remediation from grade F (Inadequate) to A (Excellent) following recommendations provided in our Penetration Testing Report

    Reviews

    Sort by

    SOC/MDR Deployment for Cybersecurity Company

    "We are all happy with the project delivery."

    Quality: 
    5.0
    Schedule: 
    5.0
    Cost: 
    5.0
    Willing to refer: 
    5.0
    The Project
     
    $10,000 to $49,999
     
    Feb. - Mar. 2020
    Project summary: 

    A cyber security company wanted to implemented SOC/MDR and hired UnderDefense to assist with the project. The team was focused on identifying scope, milestones, and plan to execute the project.

    The Reviewer
     
    11-50 Employees
     
    Chicago, Illinois
    Gene Isayev
    CTO, Cyber Security Company
     
    Verified
    The Review
    Feedback summary: 

    The project launched meeting all requirements that the company set for it. The project management was good and held everyone accountable. The team understands the industry landscape and what the company needed.

    The client submitted this review online.

    BACKGROUND

    Please describe your company and your position there.

    We are a cybersecurity consulting and services company. CTO.

    OPPORTUNITY / CHALLENGE

    For what projects/services did your company hire UnderDefense?

    As a part of the service portfolio expansion we were looking to implement SOC/MDR offering and relied on the expertise of UnderDefense to identify scope, milestones, and plan to execute the project.

    What were your goals for this project?

    The project goals were to develop a cyber monitoring service that could be consumed internally and by our clients.

    SOLUTION

    How did you select UnderDefense?

    UnderDefense is a mature organization with proved record and team that has demonstrated required expertise for this project.

    Describe the project in detail.

    The project entailed selection of the technology and validation of use cases. The service was intended to consume various sources of data, and creation of correlation rules and alerts which would produce reduced noise level data.

    What was the team composition?

    The internal team was limited. UnderDefense brought 3 resources - 1 project manager and 2 additional engineers.

    RESULTS & FEEDBACK

    Can you share any outcomes from the project that demonstrate progress or success?

    The final result of the project was deployment of cloud solution that had necessary compute and license capacity to accommodate the requirements and growth.

    How effective was the workflow between your team and theirs?

    Both teams has accepted simplified approach - the collaboration meetings were set when necessary, Project manager has kept everyone accountable and honest on the progress and milestones.

    We had direct access to the engineering team and if necessary were able to make adjustments within the same day.

    What did you find most impressive about this company?

    UnderDefense leadership really understands the industry landscape and customer needs. The engineering resources assigned to the project had impressive skills and experience in the field.

    Are there any areas for improvement?

    We are all happy with the project delivery.

    5.0
    Overall Score
    • 5.0 Scheduling
      ON TIME / DEADLINES
    • 5.0 Cost
      Value / within estimates
    • 5.0 Quality
      Service & deliverables
    • 5.0 NPS
      Willing to refer

    Compliance & Penetration Test for SaaS in Higher Education

    “You can trust their services and they’re affordable and quick.”

    Quality: 
    4.5
    Schedule: 
    5.0
    Cost: 
    5.0
    Willing to refer: 
    5.0
    The Project
     
    $10,000 to $49,999
     
    Jan. – May 2020
    Project summary: 

    UnderDefense conducted compliance audits and infrastructure penetration tests for a SaaS company in the education space. They outlined new processes and procedures, and launched toolkits for compliance.

    The Reviewer
     
    51-200 Employees
     
    Lviv, Ukraine
    Ivan Babichuk
    VP of Engineering, EduNav
     
    Verified
    The Review
    Feedback summary: 

    UnderDefense delivers quality work that satisfies their client. The team was responsive and supported. They helped their partners and took the time to understand project details. As a result, it was a very positive engagement.  

    A Clutch analyst personally interviewed this client over the phone. Below is an edited transcript.

    BACKGROUND

    Introduce your business and what you do there.

    I’m the VP of engineering at EduNav, a company that offers products for higher education.

    OPPORTUNITY / CHALLENGE

    What challenge were you trying to address with UnderDefense?

    We needed help with compliance audits and penetration tests of our infrastructure.

    SOLUTION

    What was the scope of their involvement?

    They helped us create all the required processes, procedures, and policies to be SOC2 compliant. They helped us identify and deploy internal toolkits to support compliance as well.

    What is the team composition?

    We worked with three people.

    How did you come to work with UnderDefense?

    They were referred to us.

    How much have you invested with them?

    We spent $15,000–$16,000.

    What is the status of this engagement?

    We started working together in January 2020 and the work is ongoing.

    RESULTS & FEEDBACK

    What evidence can you share that demonstrates the impact of the engagement?

    They conducted the work very quickly. It took probably one week to set up all the penetration tests and receive the reports. That also included the second run of the identified issues. The team was very professional. We had no questions on the reports and findings they provided to us. Everything is spot on and we’re very satisfied with the results. On the self-compliance cooperation, I rate them 4 out of 5. They were quick and responsive and helped a lot with the policies and procedures.

    How did UnderDefense perform from a project management standpoint?

    Communication is great. They’re always on time in all the meetings. They were organized perfectly. We had weekly meetings with the teams involved on both sides. Everything was managed by their side. We were tracking spreadsheets to see the progress. We met the original deadline that we set.

    What did you find most impressive about them?

    They really tried to help as much as possible and took the time to understand all the details. They had very friendly communication.

    Are there any areas they could improve?

    They could improve their English and quality of the documents they created.

    Do you have any advice for potential customers?

    Don’t think twice, especially with the penetration testing. You can trust their services and they’re affordable and quick.

    5.0
    Overall Score
    • 5.0 Scheduling
      ON TIME / DEADLINES
    • 5.0 Cost
      Value / within estimates
    • 4.5 Quality
      Service & deliverables
    • 5.0 NPS
      Willing to refer

    Pentest for SaaS Company

    "We are really grateful for their quick responsiveness and sensitivity to customer needs."

    Quality: 
    4.5
    Schedule: 
    4.0
    Cost: 
    5.0
    Willing to refer: 
    5.0
    The Project
     
    Less than $10,000
     
    Apr. 2019 - Jan. 2020
    Project summary: 

    UnderDefense conducted third-party penetration testing for a SaaS website and mobile application. They test annually and after major releases.

    The Reviewer
     
    51-200 Employees
     
    Kiev, Ukraine
    Project Manager, SaaS Company
     
    Verified
    The Review
    Feedback summary: 

    Although there aren’t any metrics, the client is pleased with UnderDefense’s work. The team responded quickly and addressed needs immediately. To communicate, they used Slack and phone calls. 

    The client submitted this review online.

    BACKGROUND

    Please describe your company and your position there.

    We're a SaaS platform with both web & mobile experiences. I was managing all communication between our engineers, leadership and UnderDefense team.

    OPPORTUNITY / CHALLENGE

    For what projects/services did your company hire UnderDefense?

    We were looking for a 3rd party penetration testing to be repeated annually and/or after major releases.

    What were your goals for this project?

    The main goal was using the final report and attestation letter in security reviews of big enterprise clients.

    SOLUTION

    How did you select this vendor?

    I was googling local cybersecurity companies in Ukraine and found out about clutch.co platform. I and our tech lead had discovery calls with the two top companies from our shortlist. We liked UnderDefense for their openness, the clarity they provided in options that we had and the steps we needed to take. And I also want to highlight the quick responsiveness of our BD manager Lily, that was a huge +

    Describe the project in detail.

    UnderDefense did pentest of our website platform and mobile application. I can't share more.

    What was the team composition?

    2 engineers that were performing the pentest and remediation testing itself and Business Development Manager

    RESULTS & FEEDBACK

    Can you share any outcomes from the project that demonstrate progress or success?

    Sorry, I can't share the details.

    How effective was the workflow between your team and theirs?

    We usually connected over the phone with our BD manager, she usually responded very quickly to any questions we had. We organized all communication with engineers through Slack. Overall, we are pleased with how things were set up.

    What did you find most impressive about this company?

    We are really grateful for their quick responsiveness and sensitivity to customer needs.

    Are there any areas for improvement?

    We are satisfied with the result.

    4.5
    Overall Score
    • 4.0 Scheduling
      ON TIME / DEADLINES
    • 5.0 Cost
      Value / within estimates
    • 4.5 Quality
      Service & deliverables
    • 5.0 NPS
      Willing to refer

    Digital Security Testing for Oil & Gas firm

    "We had communication every day, including weekly retrospectives, planning meetings, and office visits."

    Quality: 
    5.0
    Schedule: 
    5.0
    Cost: 
    5.0
    Willing to refer: 
    5.0
    The Project
     
    $10,000 to $49,999
     
    Aug. - Sept. 2019
    Project summary: 

    UnderDefense performed analysis and audit on the website and mobile app security of an oil and gas provider. They also provided security training and solutions for the problems discovered.

    The Reviewer
     
    5,001-10,000 Employees
     
    Lviv, Ukraine
    Roman Stefanyshyn
    Information Security Officer, OKKO Group
     
    Verified
    The Review
    Feedback summary: 

    The project was highly successful, finding and eliminating security threats in digital infrastructure and saving the company over $10,000 in potential customer loss from violations. The UnderDefense team went above and beyond their scope, ensuring their client could also prevent future violations.

    The client submitted this review online.

    BACKGROUND

    Please describe your company and your position there.

    I am a Roman Stefanyshyn information security officer in OKKO Group. Our company has one of the biggest shares at the national market of Oil&Gas branded filling complexes. Our specialty is the retail of automotive fuels, products and restaurants as complimentary products to make the experience of our customers amazing.

    OPPORTUNITY / CHALLENGE

    For what projects/services did your company hire UnderDefense?

    We hired UnderDefense to check our Mobile iOS and Android Applications for vulnerabilities and weak spots. The revealed flaws were used to formulate recommendations and build the strategy of strengthening our security posture

    What were your goals for this project?

    Mobile penetration testing was the first step in our engagement. Also, we plan to check our Infrastructure and business Web Application for possible flaws. These precautionary measures were essential to eliminate risks of unauthorized access and receiving confidential and financial information by adversaries.

    SOLUTION

    How did you select this vendor?

    We heard good references about their work.

    Describe the project in detail.

    UnderDefense security experts followed OWASP Mobile Application Security Verification Standard. Their team closely cooperated with our internal development and security teams. We started with mapping all stages of our engagement divided into a few blocks.

    Each day we received updates on detected vulnerabilities. During our weekly retrospectives, we worked on improving our workflow to get maximum results. Also, our project required onsite visits to check the special functionality of QR codes service for our clients.

    Most of the work was done remotely and onsite visits were needed to deliver findings to our C-level team and repeatedly check a particular functionality in real-time. The last touchpoint of our involvement was the findings report delivery and working with our internal team by mentoring how to mitigate found gaps.

    What was the team composition?

    2 pentesters, 4 weeks

    RESULTS & FEEDBACK

    Can you share any outcomes from the project that demonstrate progress or success?

    The critical marker of received results are the money. We were able to save almost ten thousand dollars. After penetration testing chances of stealing clients’ money from banking cards have sufficiently diminished.

    How effective was the workflow between your team and theirs?

    We had communication every day, weekly retrospectives, planning meetings and office visits. UnderDefense has not only found security gaps in our Mobile App, but also helped our internal team understand and close them.

    What did you find most impressive about this company?

    They went beyond the scope of a regular penetration test as additionally executed trainings on security topics covering SOC, SDLC, and Vulnerability management topics. Also, we received two types of reports: a report with findings and recommendations on how to solve found vulnerabilities and a C-level report with a summary of critical findings.

    Are there any areas for improvement?

    We plan a long-term cooperation.

    5.0
    Overall Score We really liked to work with them.
    • 5.0 Scheduling
      ON TIME / DEADLINES
      Everything was delivered according to time frames
    • 5.0 Cost
      Value / within estimates
      They over-exceeded our expectations by delivering more than we had in scope.
    • 5.0 Quality
      Service & deliverables
      They are great professionals in cybersecurity.
    • 5.0 NPS
      Willing to refer
      They delivered an excellent service and we are willing to recommend them

    Security Monitoring for Healthcare Provider

    "In the end, the company convinced us with its quality, flexibility and proximity."

    Quality: 
    5.0
    Schedule: 
    5.0
    Cost: 
    4.5
    Willing to refer: 
    5.0
    The Project
     
    $50,000 to $199,999
     
    Feb. - Sept. 2019
    Project summary: 

    UnderDefense provided high-level malware analysis for a third-party healthcare provider, delivering rapid determinations of proper responses to potentially malicious programs interacting with the website.

    The Reviewer
     
    201-500 Employees
     
    Frankfurt (Germany)
    Director, Software Vendor
     
    Verified
    The Review
    Feedback summary: 

    The security of the website measurably increased as a result of the service UnderDefense provided. Their response rate increased the website's overall reaction times and satisfied all the client's needs with their strong work, reliability, and adaptability.

    The client submitted this review online.

    BACKGROUND

    Please describe your company and your position there.

    I'm the Technical Director Security & Strategic Alliances at a software vendor headquartered in Frankfurt (Germany). Our company has about 400 employees and we serve corporate clients all over the world.

    OPPORTUNITY / CHALLENGE

    For what projects/services did your company hire UnderDefense?

    Our customer (a healthcare provider) had the demand that malware finds be processed promptly by an external SOC team on the basis of our Automated Endpoint Security. An own SOC team could not be provided by the customer. The huge number of malware infections had to be handled in the large IT infrastructure.

    What were your goals for this project?

    The response times for malware infestation had to be increased. Potentially unwanted applications had to be evaluated and whitelisted or blocked.

    SOLUTION

    How did you select this vendor?

    We've looked at different vendors. Through a contact at the security fair RSA in San Francisco we got to know underdefense. Also with our cooperation partners underdefense is well-known. In the end, the company convinced us with its quality, flexibility and proximity.

    Describe the project in detail.

    First, the current infrastructure and situation were reviewed. Then the corresponding service levels were determined. After an introductory phase with highly qualified employees, the project was supported by additional employees. Regular reporting and coordination took place. When alerts arose, immediate consultation was held and measures initiated.

    What was the team composition?

    The customer was supported by our project managers, product managers, support staff and the support of malware analysts from underdefense.

    RESULTS & FEEDBACK

    Can you share any outcomes from the project that demonstrate progress or success?

    The number of events could be processed very quickly. The security of the company was increased thanks to our solution and the technical support of underdefense. Customer satisfaction is guaranteed.

    How effective was the workflow between your team and theirs?

    Regular reporting and coordination took place. When alerts arose, immediate consultation was held and measures initiated.

    What did you find most impressive about this company?

    In the end, the company convinced us with its quality, flexibility and proximity.

    Are there any areas for improvement?

    We are very satisfied

    5.0
    Overall Score We would like to expand our cooperation for further projects as well
    • 5.0 Scheduling
      ON TIME / DEADLINES
      Nothing to complain about
    • 4.5 Cost
      Value / within estimates
      The costs are fair
    • 5.0 Quality
      Service & deliverables
      Nothing to complain about
    • 5.0 NPS
      Willing to refer
      We would like to expand our cooperation for further projects as well

    App Penetration Test for SaaS Company

    "We are very pleased with the results of the evaluation."

    Quality: 
    5.0
    Schedule: 
    5.0
    Cost: 
    5.0
    Willing to refer: 
    5.0
    The Project
     
    Less than $10,000
     
    Jan. - Apr. 2019
    Project summary: 

    UnderDefense delivered a security status report for a web application following penetration testing and a three-week assessment period.

    The Reviewer
     
    51-200 Employees
     
    Eugene, Oregon
    Shad Stafford
    Vice President, Engineering, Palo Alto Software
     
    Verified
    The Review
    Feedback summary: 

    The report was impactful and clearly written. UnderDefense communicated effectively; neither the language nor time difference was a barrier to the successful partnership. The deliverables were affordable and high quality.

    The client submitted this review online.

    BACKGROUND

    Please describe your company and your position there.

    I'm the VP of Engineering at Palo Alto Software, a 100-person software company with multiple SaaS products.

    OPPORTUNITY / CHALLENGE

    For what projects/services did your company hire UnderDefense?

    As part of operating a business email service, we hired UnderDefense to test our application's security. It is important that our customer's data is secure and that our application protects them from malicious behavior. We have some internal security knowledge but knew that we needed an expert team to do a comprehensive evaluation of our software.

    What were your goals for this project?

    Our primary goal was to establish that our application met baseline security requirements, and to have a clear remediation plan for cases where it didn't.

    SOLUTION

    How did you select this vendor?

    UnderDefense discovered a vulnerability in our application and made a responsible disclosure to us. We were already in the market to hire a penetration testing firm, and our positive interaction with UnderDefense along with their competitive pricing helped us to select them.

    Describe the project in detail.

    The project entailed external perimeter penetration testing and "grey box" web application penetration testing. We had several conference calls to establish the scope of work and outline our internal assets, followed by a three-week evaluation. The result of the project was a detailed report with a general grade of our security status and a list of discovered security vulnerabilities with detailed reproduction steps.

    What was the team composition?

    UnderDefense provided two security consultants along with project management. I was the only person involved on my side of the project.

    RESULTS & FEEDBACK

    Can you share any outcomes from the project that demonstrate progress or success?

    We are very pleased with the results of the evaluation. UnderDefense completed a thorough investigation and presented a polished report that was informative and easy to read.

    How effective was the workflow between your team and theirs?

    Despite being in very different time zones, communication was fairly straight-forward. We mostly communicated via conference call and a shared Slack channel. I was a little nervous about potential language barrier issues, but that was not a problem at all.

    What did you find most impressive about this company?

    I don't know that there was any one thing that stood out about them. They did quality professional work, at a reasonable price.

    Are there any areas for improvement?

    They could have provided more progress reports during the evaluation, but given the short duration of the project, it wasn't necessary.

    5.0
    Overall Score I had a very positive experience with them.
    • 5.0 Scheduling
      ON TIME / DEADLINES
      They were able to work us into their schedule quickly and were very flexible about timing.
    • 5.0 Cost
      Value / within estimates
      They were less expensive than competitors that we evaluated.
    • 5.0 Quality
      Service & deliverables
      I have experience with two other penetration testing firms and UnderDefense provided superior results to what I've previously seen.
    • 5.0 NPS
      Willing to refer

    Cyber Security for Marketing Firm

    "UnderDefense is that they became more of a partner than a vendor."

    Quality: 
    5.0
    Schedule: 
    5.0
    Cost: 
    4.5
    Willing to refer: 
    5.0
    The Project
     
    $50,000 to $199,999
     
    Mar. 2019 - Ongoing
    Project summary: 

    UnderDefense provided cybersecurity development and consulting services, working on improving a CRM system’s data protection. They moved the system from a shared-server platform to a private AWS infrastructure.

    The Reviewer
     
    1 - 10 Employees
     
    Mount Laurel, New Jersey
    Margaret Audet
    President, Market Access Direct, LLC
     
    Verified
    The Review
    Feedback summary: 

    UnderDefense was able to execute the cybersecurity improvements in a very short timeframe, ensuring the platform could pass ongoing penetration testing within a number of weeks. They are collaborative, helpful, and extremely dedicated, working round the clock to meet the project requirements.

    A Clutch analyst personally interviewed this client over the phone. Below is an edited transcript.

    BACKGROUND

    Introduce your business and what you do there.

    I’m the owner and system director of Market Access Direct, a marketing, consulting, and lead generation company. We focus on senior market products such as Medicare supplements or final expense insurance.

    OPPORTUNITY / CHALLENGE

    What challenge were you trying to address with UnderDefense?

    We were trying to address our security. Our CRM’s security requirements needed to reflect the policy-holder data and personally-identifying information (PII) in it. We started looking for cybersecurity help when we realized our existing process was insufficient.

    SOLUTION

    What was the scope of their involvement?

    They took us from a shared-server platform to a private AWS infrastructure. They created a roadmap for us, so we knew where our data resided, how it was accessed, and how it was treated and protected. Everything needed to be addressed and put into the roadmap, and we had a very short time to get this done.

    One of the invaluable consulting services UnderDefense gave us was walking us through the different areas where we needed security. I had done some research, then they drew us a picture of how we’d access the data, encryption, vulnerabilities, and solution.

    What is the team composition?

    We worked with 5–6 people from their team.

    How did you come to work with UnderDefense?

    I went through all the vendors listed on Clutch and got quotes, then Victoria (Cybersecurity Strategic Partnerships & Business Development, UnderDefense) called us that very night to say she would take our project to her CEO. Within three hours, I was contacted by someone who said they could help us. I explained the timeline and highlighted the fact that we couldn’t change it even though it was extremely tight.

    Nazar (CEO, UnderDefense) called us the next night. He had a consultative approach and took time to educate us before we picked them. I’m based outside Philadelphia, and he took the time to come to our location, going above and beyond to help our decision. It was comforting, as we were in trouble with our cybersecurity.

    How much have you invested with them?

    For the first phase, we’re now at $25,000. Going forward, they’re going to reperform penetration vulnerability testing every 4–6 weeks over the next year. There will be a monthly spend of $10,000–$20,000 for the foreseeable future.

    What is the status of this engagement?

    We started working with UnderDefense in March 2019, and our collaboration is ongoing. Within three weeks, they had the platform up and running.

    RESULTS & FEEDBACK

    What evidence can you share that demonstrates the impact of the engagement?

    We wouldn’t have passed any testing before, then two and a half weeks in, the vulnerability testing was looking really good, and the penetration testing identified a couple of things to work on. Now, I feel we’re free and clear.

    UnderDefense rapidly organized a team that understood the code we were moving and how the system needed to be accessed by multiple users. They acted on the roadmap in such a way to not disturb our workforce, frequently working at night. We threw them some curveballs, and they handled them nicely.

    How did UnderDefense perform from a project management standpoint?

    I’m very pleased. We normally communicate over phone and email.

    What did you find most impressive about them?

    UnderDefense is that they became more of a partner than a vendor. We had two other companies tell us that our requirements weren’t acceptable, but UnderDefense put together a problem-solving team that figured it out. Both sets of people—on our side and theirs—did their own research, reconvened, talked through different solutions, and then deployed one. It was quite collaborative.

    I’m also now very familiar with what a virtual CIO is. In a very short period of time, UnderDefense explained it to us and put solutions in place. We have a higher standard of actually participating with our clients, in terms of protecting their data.

    Are there any areas they could improve?

    No. I expected there to be some time-zone or language issues, but there weren’t. Their project manager was in New York, so we had face-to-face brainstorming meetings. I would highly recommend them.

    Do you have any advice for future clients of theirs?

    It’s easy to make a list of services to buy and think we know best, but this was new territory for me. UnderDefense proposed the best solutions for me and are exactly the kind of partner I’d choose.

    5.0
    Overall Score They were exactly what we needed and did exactly what we asked for.
    • 5.0 Scheduling
      ON TIME / DEADLINES
      They worked through the night to deliver all our projects, and they met our timelines.
    • 4.5 Cost
      Value / within estimates
      They were comparable to the other companies we talked to.
    • 5.0 Quality
      Service & deliverables
      We received a quality output within very tight timelines.
    • 5.0 NPS
      Willing to refer
      They were reliable, and we trusted the work they did.

    Security Operations Center for Gaming Operator

    "UnderDefense has been very loyal and a great group to work with."

    Quality: 
    4.5
    Schedule: 
    5.0
    Cost: 
    5.0
    Willing to refer: 
    5.0
    The Project
     
    $50,000 to $199,999
     
    Jan. 2019 - Ongoing
    Project summary: 

    UnderDefense implemented a security operations center (SOC) for a casino and gaming operator. Deliverables included several use cases and the development of incident response and service management procedures.

    The Reviewer
     
    1,001-5,000 Employees
     
    Malta
    Matthew Sciberras
    Director of Information Security, Betsson Group
     
    Verified
    The Review
    Feedback summary: 

    UnderDefense successfully launched the SOC within the specified timeline. The team draws from an exhaustive understanding of the InfoSec space to ensure practical and thorough policies. The firm is organized and personable, making for a hassle-free engagement.

    The client submitted this review online.

    BACKGROUND

    Please describe your company and your position there.

    I am the director of information security at Betsson Group. We offer casino, sportsbook and other games via gaming licenses in 11 countries in Europe and Central Asia.

    OPPORTUNITY / CHALLENGE

    For what projects/services did your company hire UnderDefense?

    We engaged UnderDefense to serve as the team in our security operations center (SOC). Their purpose is to monitor our production data in real time.

    What were your goals for this project?

    We had an aggressive timeline in that we wanted to launch very quickly. We needed a partner that could offer high value at a reasonable price and feature an extensive knowledge of the InfoSec space. 

    SOLUTION

    How did you select this vendor?

    We received seven proposals in response to our request for tenders. We selected UnderDefense because they met most of our stated requirements.

    Describe the project in detail.

    We held several discovery meetings with UnderDefense so that they could understand how we operate. They have visited each of our locations to learn about nuanced scenarios and build relationships with staff. The UnderDefense team developed several use cases that we approved, and they managed to meet our specified launch date of April 1, 2019.

    RESULTS & FEEDBACK

    Can you share any outcomes from the project that demonstrate progress or success?

    Within three months, UnderDefense defined a great number of use cases, and we have a plan to stage two use cases using Splunk Enterprise Security. UnderDefense built incident response and service management procedures from the ground up and conducted tabletop testing to ensure we are hitting all of our requirements.

    How effective was the workflow between your team and theirs?

    We communicate through Slack and Jira to keep track of all of our projects. We also have a Kanban board arranged to see what is progressing, paused or completed.

    What did you find most impressive about this company?

    They capably developed our SOC within the timeline. UnderDefense has been very loyal and a great group to work with.

    Are there any areas for improvement?

    No, everything has gone well to this point.

    5.0
    Overall Score I'm a happy customer.
    • 5.0 Scheduling
      ON TIME / DEADLINES
      They have always been available.
    • 5.0 Cost
      Value / within estimates
      UnderDefense is very cost effective.
    • 4.5 Quality
      Service & deliverables
      They understand how to manage security operation centers.
    • 5.0 NPS
      Willing to refer
      I would definitely recommend them.

    Ethical Hacking for Infrastructure Penetration Testing

    “UnderDefense delivered our project on a high-quality level.”

    Quality: 
    5.0
    Schedule: 
    5.0
    Cost: 
    5.0
    Willing to refer: 
    5.0
    The Project
     
    Less than $10,000
     
    Oct. 2018 - Dec. 2018
    Project summary: 

    UnderDefense provided professional infrastructure penetration testing. They assessed a software firm’s environment and detected vulnerabilities to monitor to keep the customer database secure.

    The Reviewer
     
    1,001-5,000 Employees
     
    Kyiv, Ukraine
    Aleksandr Maklakov
    CIO , Kromtech
     
    Verified
    The Review
    Feedback summary: 

    UnderDefense performed a high-caliber investigation that yielded generative insight. They documented their useful findings in detail, clearly explained the takeaways, and even provided a free follow-up test. Transparent communication and quality service make them a reliable partner. 

    The client submitted this review online.

    BACKGROUND

    Please describe your company and your position there.

    I am a CIO of Kromtech. Our company provides international software and technology services on the global market.

    OPPORTUNITY / CHALLENGE

    For what projects/services did your company hire UnderDefense?

    Our business required infrastructure penetration testing.

    What were your goals for this project?

    We wanted to test our environment to see whether an attacker would be able to access our database of customer information.
     

    SOLUTION

    How did you select this vendor?

    We chose them based on our previous experience working together. 

    Describe the project in detail.

    UnderDefense’s team of ethical hackers investigated our system for three weeks. They detected a chain of vulnerabilities we needed to monitor. In a report we received at the end of the project, they indicated the flaws classified by level of severity. They provided extensive explanations of the specific degrees of risk.  

    As a bonus, UnderDefense provided a free remediation penetration test to check how we should cover all of the gaps. We plan to continue working together on a more in-depth analysis of our company. Going forward, we’ll conduct an internal penetration test similar to our previous experience with UnderDefense.

    What was the team composition?

    The team included three ethical hackers.

    RESULTS & FEEDBACK

    Can you share any outcomes from the project that demonstrate progress or success?

    We conducted this project to analyze our system for any loopholes a hacker may notice. UnderDefense's cybersecurity experts offered a professional view from which to tackle these problems. The penetration testing gave us valuable insights into the strong and weak points of our infrastructure.

    How effective was the workflow between your team and theirs?

    We are satisfied with the workflow between our companies. Since UnderDefense executed the project remotely, we communicated through calls and emails. The team kept us informed about the investigation’s progress and sent us their findings from each level of the security checks.

    What did you find most impressive about this company?

    We appreciate the clear communication our companies have established. UnderDefense delivered our project at a high-quality level.

    Are there any areas for improvement?

    We want to continue our collaboration in the near future.

    4.5
    Overall Score
    • 5.0 Scheduling
      ON TIME / DEADLINES
    • 5.0 Cost
      Value / within estimates
    • 5.0 Quality
      Service & deliverables
    • 5.0 NPS
      Willing to refer

    Penetration Testing for IT Services Firm

    "They are a very professional team and company."

    Quality: 
    5.0
    Schedule: 
    5.0
    Cost: 
    5.0
    Willing to refer: 
    5.0
    The Project
     
    Less than $10,000
     
    Dec. 2018 - Dec. 2019
    Project summary: 

    To identify potential data leaks for an IT services firm, UnderDefense conducted penetration testing and password decryption testing. Once found, they provided security support to protect data further.

    The Reviewer
     
    11-50 Employees
     
    London, UK
    Security Expert, IT Services Firm
     
    Verified
    The Review
    Feedback summary: 

    UnderDefense not only reported the presence of possible data leaks, but they also helped to repair security measures to keep it secure. The team is responsive and honest, making them a valuable partner.

    The client submitted this review online.

    BACKGROUND

    Please describe your company and your position there.

    I am a security expert at an IT services firm.

    OPPORTUNITY / CHALLENGE

    For what projects/services did your company hire UnderDefense?

    UnderDefense coordinated penetration testing and provided security support for our website to identify and solve potential data leaks.

    What were your goals for this project?

    We relied on UnderDefense to review the state of our safety measures and to check the strength of our passwords by simulating an attack.

    SOLUTION

    How did you select this vendor?

    UnderDefense’s security specialists identified our potential data leak following an internet misconfiguration. The contacted us and informed us of their findings according to a responsible disclosure model.

    Describe the project in detail.

    UnderDefense identified and solved our potential data leaks. Afterward, we requested password decryption testing to simulate further outside attacks and measure the time necessary to access our data. We wanted to determine our risks and assess the potential damage we could face.

    What was the team composition?

    We worked with two security analysts.

    RESULTS & FEEDBACK

    Can you share any outcomes from the project that demonstrate progress or success?

    UnderDefense supported us in our efforts to secure our website and ensure that we have data stored in accordance with all regulations.

    How effective was the workflow between your team and theirs?

    UnderDefense’s team is communicative and highly responsive.

    What did you find most impressive about this company?

    They proved to be professional and trustworthy.

    Are there any areas for improvement?

    No, they did not underperform in any way.

    5.0
    Overall Score They are a very professional team and company.
    • 5.0 Scheduling
      ON TIME / DEADLINES
    • 5.0 Cost
      Value / within estimates
    • 5.0 Quality
      Service & deliverables
    • 5.0 NPS
      Willing to refer
    Verification

    Clutch verification provides an additional layer of data to help you make the right purchasing decsion of business services. Learn more

    GOLD VERIFIED
    Business Entity
    Business Entity Name
    UnderDefense LLC
    Status
    Active
    Jurisdiction of Formation
    2016-000730723
    Id
    UnderDefense LLC
    Date of Formation
    Oct 26, 2016
    Last updated
    Jul 29, 2020
    Payment & Legal Filings
    Bankruptcy
    No
    Tax Lien Filings
    0
    Judgement Filings
    0
    Collections Count
    0
    Last updated
    Jul 29, 2020
    Client Reviews
    VERIFIED CLIENT REVIEWS
    30
    OVERALL REVIEW RATING
    5.0
    Source
    Clutch
    LAST UPDATED
    August 24, 2020