OnDefend News Desk

OnDefend by the numbers

This year OnDefend broke records for our clients. Here’s a few standouts:

• Two BILLION lines of code reviewed

• 308 reports generated 

---

In the Headlines

OnDefend Expands BlindSPOT to Deliver Continuous Threat Detection and Response Validation

OnDefend, a leader in proactive cybersecurity control validation, has announced two new feature sets within BlindSPOT™, its breach and attack simulation (BAS) platform: Threat Detection Validation and Threat Response Validation.

Continuously test whether detection tools trigger alerts—and whether internal or third-party teams respond in time. BlindSPOT maps to MITRE ATT&CK, tracks MTTD/MTTR, and provides real-time failure alerts so gaps are found before attackers exploit them.

Read the release

OnDefend Partners with City of Jacksonville to Launch Free Cybersecurity Program for North Florida Nonprofits’

“Securing Nonprofits’ Mission” Initiative to Deliver No-Cost Cyber Training, Risk Assessments, and Executive Strategy for Mission-Driven Organizations

“Nonprofits are the backbone of our community, but many do not have the tools they need to protect themselves, which is essential to securing the future of Northeast Florida,” said Mayor Donna Deegan.

See the partnership

When Tech Gives Back: OnDefend Joins Jacksonville’s Innovators at Give A Hack

Over one high-energy weekend, developers, designers, and innovators teamed up to create real solutions for real challenges faced by nonprofits in our community. It wasn’t just a hackathon it was proof that when people care enough to give a hack, incredible things happen.

Watch the impact

Tackling the Ransomware Pandemic: Healthcare Security Leaders Team Up with OnDefend for a New Defensive Approach

 A collaboration with hospital systems and their leaders, OnDefend’s new Security Control Validation service reimagines defense strategies through proactive and continuous security control assessments.

Discover the impact

---

Awards

JaxUSA’s Innovator of the Year

The JAXUSA Innovator of the Year Award recognizes an individual or company whose vision, creativity and technological advancements significantly strengthen the Jacksonville region’s competitive position. This award honors exceptional leadership and forward-thinking innovation that drive economic growth, elevate the region’s visibility and inspire new opportunities across Northeast Florida. Recipients embody the spirit of progress through championing new ideas, embracing emerging technologies and contributing to a more dynamic, resilient regional economy.

“OnDefend and Chris Freedman exemplify the type of innovative leadership that is driving Jacksonville’s economy forward,” said JAXUSA Partnership President Aundra Wallace. “Their cutting-edge work strengthens our region’s competitiveness and plays a vital role in attracting new businesses to Northeast Florida.”

2025 Ultimate CEO: Chris Freedman

” Advice I’d give to the next generation is be cautious about scale. I think sustainability is going to be a new measure of success.” – OnDefend CEO Chris Freedman, 2025 Ultimate CEO.

OnDefend has been named to the 2026 Seminole 100, honoring the fastest-growing businesses led by Florida State University alumni

At the helm is OnDefend Co-Founder/CTO and FSU alum Ben Finke, whose leadership continues to drive innovation in offensive security testing and security control validation. Ben is the product owner of BlindSPOT, OnDefend’s proprietary breach and attack simulation tool.

Top 5 fastest growing companies

How did OnDefend land the #4 spot on the Jacksonville Business Journal’s Fast 50 list Sure, we could point to the 116.93% growth — but the real story is what’s behind that number: our team, innovation, and clients who trust us everyday. Thank you!

Read More

OnDefend named one of the best places to work

Quantum Workplace conducted anonymous employee surveys that included both closed and open-ended questions. Here’s what some of our employees said:

“OnDefend leadership saw my potential and took a chance, and I have been grateful for that decision ever since.”

“The work I’m involved in, my position in the company, and the people I work with and for are why I can say, this is the best place I have ever worked in my entire career.”

“This is the first time being in a company that appreciates your hard work but also feels that it is important to have that work–life balance.”

---

Webinars

Exposing Security Control Blind Spots: Attack Simulation in CrowdStrike

In this live technical demo, the OnDefend team shows how real-world adversary behavior, specifically modeled on Scattered Spider TTPs, can silently bypass EDR tools like CrowdStrike when policies, configurations, or visibility aren’t where they need to be.

Watch Now

OnDefend & Akkodis Fireside Chat on Testing, Maturity and Confidence

Cybersecurity isn’t just about compliance – it’s about confidence. Former CISO Bryan Bechard and OnDefend’s Zac Hardy show how structured testing and NIST CSF 2.0 turned uncertainty into executive-level confidence.

Watch Here

Reimagining Ransomware Defense: Revealing and Removing Security Control Failures

Inspired by real-world conversations between Baptist Health CISO James Case and OnDefend CEO Chris Freedman, Ransomware Defense Validation (RDV) was built as a proactive solution tailored to the unique challenges healthcare systems face every day. When asked if their security controls are working properly and effective, we’ve often heard many security leaders respond, “Yes we think so… but there’s no good way to regularly validate it.” Without the right tools to continuously test and validate these security defenses, organizations are relying on the bad guys to do the testing for them.

Watch Now

---

Welcome to the Team

In 2025, OnDefend welcomed over 35 new team members.

Terin Williams joins as the Director of Strategic Policy Initiatives

Terin brings nearly three decades of leadership to the OnDefend team, while also currently serving as an officer in the National Guard as the National Guard Assistant to the Commander, United States Cyber Command and the Director of the National Security Agency (NSA).

Meet Terin

OnDefend welcomes Tim Tomes as Director of Training and Programs.

Tim Tomes’ career spans elite Army Red Team operations, the development of groundbreaking cybersecurity tools, and thousands of hours spent shaping future defenders. His unique blend of deep technical expertise, instructional skill, and mission-first leadership sets him apart as a true force in the cybersecurity world.

Meet Tim

OnDefend is excited to welcome Carly Sherrod as our new Director of Threat Intelligence and Programs

With extensive experience in cybersecurity, intelligence, and incident response, Carly will play a pivotal role in enhancing OnDefend’s threat intelligence capabilities and program development.

Meet Carly

---

Message from BlindSPOT’s CTO

It’s rare for us as a company to look back, in fact it’s our job to always be one step ahead but here are the top BlindSPOT features of 2025.  

Threat Response Validation (May)

You want to measure Mean-Time-To-Respond, and we want to make that easy for you.  As a quick refresher, “Detect” means the alert has been made, “Respond” means a person or bot has seen the alerts and has begun researching or taking some action.  This person or bot could be your own or it could be a third-party service you pay for.  Traditionally this data is extremely hard to collect, leaving you to use secondary metrics and, frankly, vibes, to determine if that response time is acceptable.

Introducing Threat Response Validation!  Threat Response Validation (TRV) gives you the ability to generate realistic attack activity in the environment and then measure the time it takes for the team (or teams) to respond – whatever “respond” means to you.  Running these exercises gives you the specific information you need to understand if your Threat Response capability is acceptable.

Project Level Security Tool Log Upload (March)

We previously shared the ability to upload security tool logs at the campaign level.  This is a great way to save time without having to go through the full API integration with a security tool.  This feature lets you export activity (in whatever the standard format for the tool is) and upload it to BlindSPOT.  BlindSPOT will then match that information with the campaign and automatically score the campaign for you.  And now, we’ve introduced that at the project level too. Let BlindSPOT handle scoring the entire project through file uploads.

New BlindSPOT Documentation Portal (September)

We recently launched an all-new BlindSPOT documentation site, with updated walkthroughs and information on leveraging the BlindSPOT platform.  You’ll also notice it’s not behind any kind of authentication wall, so you can easily send links to relative content to your colleagues as needed.

It’srare or us as a company to look back, in fact it’s our job to always be one step ahead but here are the top BlindSPOT features in 2025.

---

Thank you for taking the time to read our updates. We are committed as an organization to continue pushing boundaries within the world of innovation. OnDefend & BlindSPOT are the products of that. If you would like to learn more or have any suggested recommendations, please reach out: Contact Us.

OnDefend Helps Power Change at Jacksonville’s Give A Hack

A packed room on a random Thursday afternoon set the scene for one of Jacksonville’s most inspiring community events : Give A Hack, where local technologists came together to use their skills for good.

Over one high-energy weekend, developers, designers, and innovators teamed up to create real solutions for real challenges faced by nonprofits in our community. It wasn’t just a hackathon it was proof that when people care enough to give a hack, incredible things happen.

Where an Idea Sparked a Movement

“Basically, I asked for help, and our entire community showed up,” said Jennifer Bradshaw, VP at NLP Logix and the creator behind Give A Hack Jax.

Bradshaw’s vision was born from a personal challenge , wanting to make a difference but realizing how hard it can be to do so alone.

“I was trying to donate my time, donate my old clothing,” Bradshaw said. “And I realized how hard it is to make an impact just as a single person.”

So, she called on her peers in Jacksonville’s tech community including,  OnDefend CEO Chris Freedman,

“There are companies for profit who want to give their goods and services at a discounted price,” Freedman said. “But there’s no connective tissue. There has to be a better way. The problem hasn’t been solved — and we’re here to solve it.”

Together, they built an event centered on collaboration, innovation, and community. A way for local talent to use their skills to build something that lasts.

Innovation Meets Impact

Participants were divided into four teams and given one challenge: solve the gap.

For Madison Mina and her team, “Jax to the Max,” that meant tackling the housing crisis.

“As the cost of living increases in the U.S., we want to give people an app that helps them explore neighborhoods — block by block — to find affordable housing,” said Mina.

Entrepreneurs like Lucas Wyman also took part, recognizing that this kind of innovation could have an even greater reach.

“It all starts here in Jax,” Wyman said, “but it can expand to wherever.”

Wyman’s team partnered with the nonprofit Mission House, developing a simple but powerful way to connect donors directly with people in need, using a single hashtag.

“They’re calling our phone number or reaching out by email,” said London from Mission House. “But if we could just use a hashtag to find them and immediately get them resources, it’s two birds with one stone.”

And the Winner Is…

After a weekend of problem-solving and creativity, the winning team was announced: The Black Bees.

Their project, JaxLink, is a platform that connects nonprofits, donors, and those in need — all in one digital space. By centralizing communication and resources, JaxLink helps remove the barriers that often prevent help from reaching where it’s needed most.

“What do we want people to take away from this weekend?” asked OnDefend’s Marketing and Communications Director Lauren Verno.

“We want them to give a hack. These problems are solvable. We have the people who want to solve them and if we just connect everyone together, we can make things better for those in need.”

Amazing, what you can really do when you, well… give a hack.

OnDefend’s Commitment to Doing Good

Give A Hack Jax wasn’t just an event it was a reflection of what OnDefend stands for: using technology, teamwork, and innovation to make a lasting difference.

At OnDefend, our mission goes beyond cybersecurity. We believe in strengthening both organizations and the communities behind them. By helping lead initiatives like Give A Hack, we’re proud to support the innovators who make Jacksonville a better place to live and work.

Give a Hack isn’t the only way OnDefend is giving back. In a public-private partnership, the City of Jacksonville, the Nonprofit Center of Northeast Florida, and Jacksonville-based cybersecurity firm OnDefend announced Securing Nonprofits’ Mission, a free cybersecurity program for nonprofit organizations across Northeast Florida.

Learn more at the link below:

City of Jacksonville, Nonprofit Center of Northeast Florida, and OnDefend Partner to Launch Free Cybersecurity Program to Protect North Florida Nonprofits’ Missions

About OnDefend

OnDefend stands at the forefront of preventative cybersecurity testing and advisory services, further strengthened by its proprietary automation and AI powered technologies including its advanced Breach and Attack Simulation (BAS) Software-as-a-Service platform, BlindSPOT. A trusted partner to organizations worldwide, OnDefend empowers companies and nation to proactively combat real-world cyber threats across software, hardware, IoT, and AI while ensuring that security investments are well-utilized, effective, and measurable. For more information, visit www.ondefend.com.

For Media Inquiries:

Lauren Verno, Media@ondefend.com
904-299-3669

OnDefend News Desk

OnDefend offers free cybersecurity services to non-profits

Giving back is at the core of our committment to securing the world. Whether you’re an organization of 1 or 1,000 this initiative ensures that nonprofits, regardless of size or budget, can access the resources they need to stay secure.

Sign Up Here

---

Welcome to the Team

Terin Williams joins as the Director of Strategic Policy Initiatives

Terin brings nearly three decades of leadership to the OnDefend team, while also currently serving as an officer in the National Guard as the National Guard Assistant to the Commander, United States Cyber Command and the Director of the National Security Agency (NSA).

Meet Terin

---

Awards

Top 5 fastest growing companies

How did OnDefend land the #4 spot on the Jacksonville Business Journal’s Fast 50 list Sure, we could point to the 116.93% growth — but the real story is what’s behind that number: our team, innovation, and clients who trust us everyday. Thank you!

Read More

OnDefend named one of the best places to work

Quantum Workplace conducted anonymous employee surveys that included both closed and open-ended questions. Here’s what some of our employees said:

“OnDefend leadership saw my potential and took a chance, and I have been grateful for that decision ever since.”

“The work I’m involved in, my position in the company, and the people I work with and for are why I can say, this is the best place I have ever worked in my entire career.”

“This is the first time being in a company that appreciates your hard work but also feels that it is important to have that work–life balance.”

Join Our Team

---

Webinar

Exposing Security Control Blind Spots: Attack Simulation in CrowdStrike

In this live technical demo, the OnDefend team shows how real-world adversary behavior, specifically modeled on Scattered Spider TTPs, can silently bypass EDR tools like CrowdStrike when policies, configurations, or visibility aren’t where they need to be.

Watch Now

---

Message from BlindSPOT’s CTO 

Validation. It’s what we all really want, right?

No idea where Maslow would have put security control validation on the hierarchy, but we think it’s fundamental.

Security Control Validation (SCV) is simply the process of performing the activity you are concerned with and measuring the security tools response. We built BlindSPOT to make that process easier by giving you a safe way to test real-world scenarios, confirm your defenses are working, and free up your team to focus on other projects.

New BlindSPOT Documentation Portal

We recently launched an all-new BlindSPOT documentation site, with updated walkthroughs and information on leveraging the BlindSPOT platform. You’ll also notice it’s not behind any kind of authentication wall, so you can easily send links to relative content to your colleagues as needed.

Threat Weather: Scattered Spider Simulation

Our newest threat actor simulation is based on the activities conducted by the group dubbed Scattered Spider. This simulation focuses on Scattered Spiders use of Ingress Tool Transfer (T1105) and Command and Control – Remote Desktop Software (T1219.002).

AGENT V2.0 In General Release

A totally rebuilt version of the BlindSPOT agents have been promoted to the standard production option. The legacy agent code is still available to be built if needed, but the new default when building a new agent will use this newer, faster, and more functional version.

Discover BlindSPOT

---

Thank you for taking the time to read our updates. We are committed as an organization to continue pushing boundaries within the world of innovation. OnDefend & BlindSPOT are the products of that. If you would like to learn more or have any suggested recommendations, please reach out: Contact Us.

OnDefend Named One of the Best Places to Work on the First Coast

At OnDefend, we often talk about our mission to help organizations prepare for and defend against real-world threats. But behind every achievement is something just as important — our people. That’s why we are proud to share that OnDefend has been named one of the Best Places to Work on the First Coast.

This recognition, awarded by Quantum Workplace, is based entirely on the voices of our employees. Through anonymous surveys, team members shared their candid thoughts on what makes OnDefend more than just a workplace but a community built on respect, purpose, and authenticity.

What Our Team Had to Say

Here are just a few of the powerful things our employees shared (and no, we didn’t get to read these until after the awards we’re announced.):

“The work I’m involved in, my position in the company, and the people I work with and for are why I can say this is the best place I have ever worked in my entire career.”

“I came from a corporate environment where employees were often treated as just another cog in the machine. There was little effort to truly value or recognize individual contributions. This company is completely different. Here, titles don’t define how people interact—everyone is treated with respect and authenticity.”

” I’ve worked for many companies and corporations over the years, but OnDefend has been the BEST place to work out of them all, by far.”

” OnDefend leadership saw my potential and took a chance, and I have been grateful for that decision ever since! Strong core values, making an impact for our clients, and the ability to work hard and have fun are the cornerstones of the culture that has been created.”

“I have never felt any differences in positions or titles—everyone treats each other equally.”

“This is the first time being in a company that appreciates your hard work but also feels that it is important to have that work–life balance.”

Want to join the OnDefend team? Check out our openings here: Join the Team

At OnDefend, success isn’t just about growth, it’s about impact. This year, the OnDefend team has earned the #4 spot on the Fastest-Growing Companies list according to the Jacksonville Business Journal, achieving an impressive 116.93% growth rate.

This marks the third year OnDefend made the list — and as the saying goes, third time’s the charm.

This recognition is more than a ranking. It reflects the team’s relentless drive,  commitment to innovation, and mission to secure our future.

A Purpose That Drives Us

When asked what motivates him as a leader, CEO Chris Freedman points to the mission that has guided OnDefend since 2016.

“What motivates me as I lead our team is the profound purpose behind what we do. At OnDefend, our mission is to secure the world’s future — but our legacy is deeper than that. It’s about leaving a lasting, positive impact not just here in Jacksonville, but across the U.S. and globally.”

Whether preparing Fortune 500 companies for threats, supporting the cyber-readiness of our military, or working with government agencies, OnDefend is protecting more than just networks. We’re protecting national security, citizen safety, and data sovereignty.

Challenges That Shape Us

Growth comes with challenges — and each has made OnDefend stronger.

“The biggest challenge we’ve faced as OnDefend has grown is adapting to constant transformation — both within our company and in the world around us. We’ve navigated multiple parallel journeys: from service market fit to software innovation, from national relevance to global scrutiny, and from startup grit to scalable execution.”

These challenges have fueled our adaptability and resilience, proving that the most meaningful growth happens in the face of change.

Innovation That Defines Us

Innovation continues to set OnDefend apart. One of our most pivotal milestones was being selected as TikTok’s Independent Security Inspector — chosen over some of the world’s largest cybersecurity firms.

“This wasn’t just about visibility; it affirmed our ability to operate at the highest levels of national trust and scrutiny.”

This moment reinforced our reputation as a trusted global partner in securing user data and defending against foreign threats.

The Reward of Building Together

While recognition like the #4 ranking is an honor, CEO Chris Freedman points to something even more rewarding: the people behind the success.

“The most rewarding moment this year has been simply spending time with our unparalleled team — a group of professionals who come from the highest levels of the military, government, and private-sector cybersecurity. Their expertise, humility, and passion inspire me every day.”

It’s this team — their dedication, innovation, and shared love of the mission — that has made OnDefend’s third appearance on the list possible.

Read the original report: https://www.bizjournals.com/jacksonville/c/meet-the-2025-class-of-fast-50/37169/fast50-ondefend-llc.html

Tackling the Ransomware Pandemic: Healthcare Security Leaders Team Up with OnDefend for a New Defensive Approach

 A collaboration with hospital systems and their leaders, OnDefend’s new Ransomware Defense Validation service reimagines defense strategies through proactive and continuous security control validation.

JACKSONVILLE, Fla.–(BUSINESS WIRE)– OnDefend, a leader in preventative cybersecurity testing and advisory services, today announced the launch of its Ransomware Defense Validation (RDV) service. Developed with direct input from prominent healthcare Chief Information Security Officers (CISOs) and launched in collaboration with major healthcare systems, RDV addresses the pressing need for organizations to proactively defend against ransomware threats.

The healthcare community faces a new pandemic—a cyber one—and the risks to patient safety, data security, and operational continuity have never been greater. As a managed service, RDV, powered by BlindSPOT, OnDefend’s proprietary Breach and Attack Simulation (BAS) platform, equips organizations to regularly test and validate the effectiveness of their prevention, detection, and response security controls against known and emerging threats.

Data collected from OnDefend’s global security testing services found:

• 24% of malicious emails bypassSecure Email Gateways (SEGs).
• 7 out of 10 attack simulation engagements identify exploitable security tool failures.
• 5 out of 10 incident emulationsidentify notification delays or failure to meet Service Level Agreements (SLA) between the response vendors.

A Collaborative Approach to Solving an Industry-Wide Challenge

RDV originated from conversations between OnDefend’s security teams and healthcare leaders who shared concerns about common security control failures and the lack of regular visibility and validation.

“Cybersecurity isn’t about setting up defenses and hoping for the best. It’s about constantly testing, adapting, and staying ahead of threats. If you’re not testing your security, the attackers will do it for you,” said Larry Whiteside Jr., former CISO at Spectrum Health and Women’s Care OBGYN.

These discussions highlighted the need for a proactive solution tailored to the unique challenges of healthcare cybersecurity, going above and beyond current healthcare standards and regulations.

How Ransomware Defense Validation (RDV) Works

RDV is delivered by OnDefend as a managed service using BlindSPOT to safely simulate real-world ransomware attacks on a healthcare systems’ defenses to prove their:

Secure Email Gateways (SEGs): effectively filter malicious emails from reaching employee inboxes.

Threat Detection Tools (EDR, SIEM): effectively identify and alert security teams to real-world attack activity.

Threat Response Teams (SOC,MDR,NDR): immediately respond and neutralize real-world cyber threats in real-time.

“Ransomware Defense Validation provides security leaders with critical visibility into their defensive investments, ensuring they are resilient against the cyber threats targeting their industry,” said Chris Freedman, CEO of OnDefend. “The goal of this managed service is to validate security tools and hold monitoring vendors accountable, all while empowering our customers to demonstrate they are achieving the return on investment they deserve.”

RDV Outcomes & Industry Impact

Early access customers who implemented RDV found their security teams’ overall posture improved, showcased continuous risk reduction, proved return on investments, and are prepared to safeguard essential healthcare operations.

Read the case study: Prominent Healthcare System Implements Ransomware Defense Validation to Safeguard Patient Safety
and Data Security

This service is now available to healthcare organizations nationwide.

Learn More

To further understand Ransomware Defense Validation, we invite you to explore our additional resources here: https://ondefend.com/blindspot/ransomware-defense-validation/

About OnDefend

OnDefend, established in 2016, stands at the forefront of preventative cybersecurity testing and advisory services, a reputation further enhanced by the introduction of BlindSPOT, its advanced Breach and Attack Simulation (BAS) Software as a Service (SaaS) platform. OnDefend is a trusted partner, empowering organizations globally to combat real-world cyber threats proactively. From ensuring compliance with industry standards to building out mature security programs, our mission is to ensure that the security resources our customers invest in are well-utilized, effective, and provide tangible results. For more information about our services and solutions, please visit www.ondefend.com.

OnDefend on Social Media

LinkedIn

Twitter (@OnDefend)

Contacts

OnDefend Media Contact:
Lauren Verno
Media@ondefend.com
904-299-3669

 

What’s New with OnDefend & BlindSPOT

Our focus for the year has never been clearer: prove the investments you pay for work as you expect.

Whether that be your email gateway, EDR, or even the response times from your third-party vendors, we understand teams lack bandwidth, that every dollar counts, and the stakes have never been higher in proving your organization is going above and beyond compliance to keeping operations safeguarded.

Here are some of the new projects we’ve been working on, including Ransomware Defense Validation and highlights that have set OnDefend and our in-house breach and attack simulation tool BlindSPOT apart from the rest.

---

The Hidden Risks of Security Control Failures: What Security Teams May Unintentionally Be Missing

Are your security controls actually working? OnDefend analyzed security control failures across critical tools security teams rely on daily. The results:

• Secure Email Gateways (SEGs): On average, 24% of malicious emails bypass SEGs
• Threat Detection Tools (EDR, XDR, SIEM): 7 out of 10 attack simulations identified security tool misconfigurations or exploitable control failures
• Threat Response Teams (MDR, NDR, Internal Teams): 5 out of 10 of attack simulations resulted in no response or a delayed response outside SLA requirements

Read: Understanding the Root Causes of These Failures

---

[Webinar] Reimagining Ransomware Defense: Revealing and Removing the Hidden Risks of Security Control Failures

Did you miss our recent webinar with Baptist Health CISO James Case and OnDefend CEO Chris Freedman? Inspired by real conversations between healthcare leaders, Ransomware Defense Validation (RDV) was built as a proactive solution tailored to identifying those security control failures.

In this webinar, you’ll:

• Understand how & why prevention, detection & response security control failures occur.
• See results within a hospital system that implemented RDV
• Share actionable steps to prove your security controls work and provide a real-world ROI

Watch Here

---

[Case Study] Prominent Healthcare System Implements Ransomware Defense Validation

Learn how a leading U.S.-based healthcare system enhanced its ransomware resilience by validating security controls, ensuring vendor accountability, and strengthening defenses to protect critical patient data and care continuity.

“Ransomware Defense Validation plays a crucial role in building a robust, resilient, and trustworthy healthcare organization. You can’t eliminate all risk, but you can reduce it to safeguard patients and their sensitive data while maintaining their trust so we can focus on what matters most: patient care.” – Healthcare Chief Information Security Officer (CISO)

See the Results

---

Message from BlindSPOT’s CTO 

One of the great joys in building anything is seeing the things that once existed only on a whiteboard work in the real world.  I’m always amazed at how the development and tradecraft team can take a whisper of an idea and then be ready to demo it a short time later.  Demo day for new features is always amazing, and one of my favorite things about writing this newsletter is that I get to share this great work with all of you.   

BlindSPOT, our breach & attack simulation tool is completely written in house by our development team.  That gives us incredible flexibility to add new features, change an interface, or integrate with a new tool.  But the best part is that we can add these based on your feedback.  If you’ve got a thought on something that would help you make BlindSPOT even more useful, we’re happy to hear it! 

---

Project Level Security Tool Log Upload 

We previously shared the ability to upload security tool logs at the campaign level. This is a great way to save time without having to go through the full API integration with a security tool.

This feature lets you export activity (in whatever the standard format for the tool is) and upload it to BlindSPOT.

BlindSPOT will then match that information with the campaign and automatically score your campaign for you. And now, we’ve introduced that at the project level too.

Let BlindSPOT handle scoring the entire project through file uploads.

You’ll see a list of all of the tools you have configured in your BlindSPOT tenant:

 

---

New Agent Software in Beta Testing

The BlindSPOT agent (or implant) is the only part of the BlindSPOT platform that must be deployed onto the system in order to execute activity on it. We’ve released a brand-new version of our implant in beta mode for you to test.

Among other things, it generates a smaller payload, improved detection evasion techniques, and runs without a front-end UI for improved execution in non-interactive modes. Try it on your next workshop.

---

BlindSPOT Satellite 

We’ve long had the ability for BlindSPOT simulations to attempt to exfiltrate data and download content from the Internet. But facilitating those actions either meant using public sources (out of our control – never a good idea) or having to stage the necessary services on the Internet to handle file hosting or uploads. We’ve been hard at work designing a way to make this easier.

The result is something we are calling Satellite – a specialized app that you can host on any Windows or Linux server and instantly be prepared to test exfiltrating files or downloading content as part of your simulations.

Best of all, you are in complete control of the execution of the Satellite – it runs on systems under your control and when you want it. It allows us to quickly move to new IP addresses and domains that have never interacted with your organization before, to see how your tools would handle that type of activity. Oh, and it will also act as a C2 relay, so your implants don’t have to phone home directly to the BlindSPOT server. Currently released in limited beta testing, we expect to have this out to all BlindSPOT customers soon.

---

Welcoming New Talent to OnDefend

OnDefend Welcomes Carly Sherrod as Director of Threat Intelligence and Programs

With extensive experience in cybersecurity, intelligence, and incident response, Carly will play a pivotal role in enhancing OnDefend’s threat intelligence capabilities and program development.

Previous Leadership Roles:

• Interim State Chief Risk Officer & Chief Information Security Officer (CISO) of North Carolina – Oversaw state-wide cybersecurity infrastructure.
• Former Deputy State Chief Risk Officer & Chief Information Security Officer
• Principal Consultant at CrowdStrike – Led digital forensics and incident response (DFIR) efforts against global cyber threats.

Meet Carly

---

Thank you for taking the time to read our updates. We are committed as an organization to continue pushing boundaries within the world of innovation. OnDefend & BlindSPOT are the products of that. If you would like to learn more or have any suggested recommendations, please reach out: Contact Us.