Underdefense MAXI Platform – 51 Security


Services

Free, Cloud

CIS AWS Benchmark assessment

Evaluate your AWS environment for CIS AWS Foundations Benchmarks compliance. Running your servers and databases on AWS means that it is like a home for your sensitive data. Make sure to install an alarm system and locks on your door to prevent theft – evaluate the risks and mitigate them.

Free, Cloud

 CIS Azure security assessment

Audit your Azure environment for compliance with Azure security assessment. As one of the most popular cloud solutions for corporate environments, Azure demands flawless configuration for security and compliance. Therefore, access to swift Azure assessment is an essential tool to meet high cloud security requirements.

Free, Cloud

 CIS GCP Benchmark assessment

Assess your GCP environment against the CIS Google Cloud Platform Foundation Benchmarks to enhance your cloud security and improve compliance. Ensure the protection of your sensitive data and services hosted on GCP while staying vigilant about potential vulnerabilities.

Free, Cloud

 CIS Kubernetes Benchmark assessment

Protect your Kubernetes deployments from cyber threats using these CIS Benchmarks.

Premium, Consulting

 Cyber Insurance plan

Shield your business from the ever-evolving cyber threat landscape with a comprehensive cyber insurance policy. This robust coverage safeguards your organization from the financial fallout of cyberattacks, including data breaches, business downtime, regulatory fines, and cyber extortion. Additionally, you gain access to a team of cybersecurity experts and incident response services to effectively navigate cyberattacks and minimize their impact.

Free, Ethical hacking

 External vulnerability scan

Secure your organization with our External vulnerability scan service. Our advanced surveillance technology detects threats and vulnerabilities, ensuring comprehensive protection. With our External vulnerability scan service, you can stay one step ahead of potential risks, allowing you to focus on what matters most – your organization’s success.

Premium, Compliance

 ISO 27001 certification audit

Experience a seamless journey to ISO 27001 certification with expert third-party accredited auditors. A streamlined process ensures minimal disruptions to your operations, providing you with a hassle-free certification.

Premium, Compliance

 ISO 27001 preparation by security expert

Enhance your ISO 27001 preparation with the expertise of our seasoned security professionals. Leverage our hands-on experience to identify and address gaps, deficiencies, and potential concerns. Allow us to manage the entire process, from meticulous data collection to strategic stakeholder coordination, ensuring your comprehensive readiness for the ISO 27001 audit.

Premium, Ethical hacking

 Penetration testing

See deeper into your security with penetration testing services driven by people and boosted by technology. Test your systems, people, and processes. Meet compliance requirements. Get the most comprehensive report covering your blind spots and actionable steps on how to remediate them.

Premium, Ethical hacking

 Ransomware simulation

Leverage the skills of certified ethical hackers to perform 100% harmless simulations of real ransomware and crypto mining infections. Assess the viability of your existing network protection and check if your internal systems are vulnerable by running 22 ransomware infection scenarios.

Starting from: $945

Premium, Compliance

 SOC 2 preparation by security expert

Make your preparation for the SOC 2 audit clear and efficient. Use our hands-on experience to discover your deficiencies, gaps, and other potential red flags. Let us take on everything from collecting facts to coordinating with stakeholders, supervising the remedial measures, and making you 100% ready for the SOC 2 audit.

Starting from: $7200

Premium, Compliance

 SOC 2 Type 1 examination with report

We begin by defining the scope, encompassing the tech stack, data flow, infrastructure, business processes, and people involved. Next, we diligently collect all the necessary documentation and identify the applicable Trust Services Categories (TSC) to ensure a comprehensive audit.

Starting from: $7200

Premium, Compliance

 SOC 2 Type 2 examination with report

We begin by defining the scope, encompassing the tech stack, data flow, infrastructure, business processes, and people involved. Next, we diligently collect all the necessary documentation and identify the applicable Trust Services Categories (TSC) to ensure a comprehensive audit.

Starting from: $7200

Premium, Ethical hacking

 Vulnerability assessment

Detect and classify vulnerabilities in your systems, applications, and networks before criminals do. Hire our penetration testing team to carry out real-world cyberattacks on your environments and proactively prevent the risks that current gaps pose to your organization.

Starting from: $7200

Reports

Penetration testing

Web application penetration testing

This report presents the results of the “Grey Box” penetration testing for [CLIENT] web application.

Cloud, Compliance, Assessment

Microsoft Azure Security Assessment Report

This assessment aimed to evaluate the current security configuration of an Azure environment

Cloud, Compliance, Assessment

CIS AWS Foundation Benchmark Security Assessment Report

This assessment aimed to evaluate the current security configuration of an AWS environment against CIS AWS Foundation Benchmark v1.5.0

Penetration testing

Black box penetration testing

This report presents the results of the “Black Box” penetration testing for bitcoin exchange company web application.

Cloud, Compliance, Assessment

CIS GCP Foundation Benchmark Security Assessment Report

This assessment aimed to evaluate the current security configuration of a GCP environment against CIS Google Cloud Platform Foundation Benchmark v2.0.0

Compliance, Assessment

SOC 2 Type 1 Report

This report reviews the design of your organization’s internal controls. It assesses your organization’s SOC 2 compliance posture and determines whether the implemented controls meet the framework’s requirements.

MDR, Threat detection & response

30 days MDR impact report

See the tangible results you can get from our MDR service in a comprehensive impact report: threat mitigated, risk reduced, and more.

Penetration testing

Gray box penetration testing

Penetration testing was conducted against a website provided by Customer on 04th of May 2020.

Assessment, Compliance

IT & Security Program Gap Analysis Report

Assessments of the organization’s information security level and compliance with SOC2 and GDPR. It reviews ISMS, processes, tools, and resources, identifies security gaps, prioritizes risks, and offers mitigation recommendations.

Compliance

ISO 27001 assessment

[CLIENT] has requested that UnderDefense MAXI, as an independent and trusted cyber security partner, conducts an assessment and analysis of the current state of the information security program of the organization and its compliance with ISO 27001:2013 standard.

Compliance

NIST CSF assessment

[Name of company] has requested that UnderDefense MAXI, as an independent and trusted cyber security partner, conducts an assessment and analysis of the current state of the information technology security program of the organization and its compliance with NIST cyber security framework

Penetration testing

API penetration testing

This report presents the results of the “Grey Box” penetration testing for [CLIENT] REST API.

Free

Vulnerability

Notification

External risks scan

Our playbook conducts regular scans of your organization’s external perimeter to pinpoint vulnerabilities swiftly. Designed for proactive vulnerability identification and remediation, it fortifies your security posture. Results are conveniently available in the ‘External Risks’ section, ensuring that your defenses remain strong.

 

  • Trigger:

    A new corporate account has been created on the UnderDefense MAXI platform

    from UnderDefense MAXI

  • Assets discovery

    Domain, subdomain, IPs and relevant keywords associated with the organization

  • Dark Web scanning

    Scan the dark web for any related mentions of the domain

  • Leaked credentials scanning

    Check for leaked credentials, focusing on emails and sensitive information

  • Weak passwords scanning

    Check for passwords that do not comply with security requirements

  • Certificates scanning

    Check for common misconfigurations or vulnerabilities of SSL certificates

  • Domain scanning

    Verify domain reputation based on various criteria like historical behavior, security incidents, and online presence

  • Email authentication

    Verify the presence of email authentication misconfigurations: SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting, and Conformance) protocols

  • Create incidents

    Collect all relevant details of the identified risks in the incident, assign incident severity based on the potential impact

  • Repeat scan in 7 days

    Schedule a recurrent scan of the external perimeter to ensure continuous monitoring for potential risks

  • Send notification to the tenant admin

    Provide recommendations and suggested actions to mitigate the risks.

    by email

 

Free

Malware

Isolation

Enrichment

Ransomware attack response

In the event of a ransomware attack, our playbook takes decisive action. We identify, contain, and isolate infected systems, followed by data restoration from backups and system rebuilding. After addressing the incident, we promptly inform stakeholders, providing updates and addressing concerns, ensuring that your organization remains resilient.

 

  • Trigger:

    New “Host ransomware infection” alert

    from [EDR integration]

  • Discover information about the affected user

    name, department, manager

  • Discover information about the affected host

    geolocation, AD domain, type, OS, IP, open ports

  • Discover information about the parent process

    path, signature

  • Get ransomware hash details

    VirusTotal score, family, OTX pulses

  • Lookup for the same hash on other hosts

    from [EDR integration]

  • Quarantine and kill the threat

    by [EDR integration]

  • Isolate the host from the network

    by [EDR integration]

  • Send notification to the client

    by [EDR integration]

 

Free

Malware

Enrichment

Notification

Host malware infection response

Our automated incident response playbook for host malware infections is your proactive defense. It swiftly isolates affected systems, conducts in-depth threat analysis, and ensures secure restoration. This streamlined approach enhances security while minimizing manual intervention, keeping your organization resilient against host malware threats.

 

  • Trigger:

    New “Host malware infection” alert

    from [EDR integration]

  • Discover information about the affected user

    name, department, manager

  • Discover information about the affected host

    geolocation, AD domain, type, OS, IP, open ports

  • Discover information about the parent process

    path, signature

  • Get ransomware hash details

    VirusTotal score, family, OTX pulses

  • Lookup for the same hash on other hosts

    from [EDR integration]

  • if alert severity is high

    or alert severity is critical

    and malware is not prevented

  • Quarantine and kill the threat

    from [EDR integration]

  • Isolate the host from the network

    from [EDR integration]

  • Send notification to the client

    by [Notification channel]

  • else:

    if alert severity is high

    or alert severity is critical

  • Send notification to the client

    by [Notification channel]

Premium
Notification
Vulnerability
Critical vulnerability response
Our playbook outlines a systematic approach for identifying and mitigating critical vulnerabilities in your IT infrastructure. It includes steps for vulnerability scanning, risk assessment, prioritization, and remediation. This ensures that high-risk vulnerabilities are addressed promptly and efficiently, reducing exposure to potential threats and enhancing overall security.

Premium
Network
Data exfiltration response
Our comprehensive data exfiltration incident response playbook swiftly detects and contains unauthorized data transfers. It isolates compromised systems, conducts in-depth analysis to uncover the source and extent of exfiltration, and implements effective containment measures. With thorough remediation steps, it secures affected systems and minimizes data exposure, ensuring robust protection.

Premium
Email
Enrichment
Phishing email response
The Phishing Email Incident Response Playbook provides rapid identification and mitigation of phishing threats, ensuring timely detection and containment measures. Through in-depth analysis, it determines the scope and origin of the threat and comprehensive remediation steps to secure affected accounts, minimizing exposure and enhancing your organization’s security.

Premium
Identity
SaaS
Notification
Suspicious user logins response
We gather crucial details about target users and source IPs, including reputation and geolocation. Our playbook, in response, locks out users if source IPs exhibit negative traits, notify clients through selected channels, and safeguards your environment from threats.

Premium
Identity
SaaS
Notification
Bruteforce to accounts response
Our playbook manages SIEM events indicating external account brute force attempts. Acquiring vital context and notifying clients once specific conditions are met ensures your organization’s account security. Protect your systems from brute force attacks with our efficient playbook.

Premium
AWS
AWS Incident response orchestration
Automated Security Response on AWS is an add-on solution that works with AWS Security Hub integration on UnderDefense MAXI to provide a library of automated playbooks. The solution makes it easier for our customers to resolve security findings and improve their cloud security posture.
