OnDefend Named One of the Best Places to Work
September 29, 2025
This recognition is based entirely on the voices of our employees
Read
OnDefend Ranks #4 on the Fastest-Growing Companies List
September 29, 2025
OnDefend celebrates its third appearance on the list with 116.93% growth.
Read
Is Your CrowdStrike Deployment Working as Expected? How to Validate Security Controls
July 17, 2025
Misconfigurations and alert gaps can silently weaken your CrowdStrike deployment. Here’s how to validate controls and gain operational assurance.
Read
Why External Pentests Aren’t Enough: The Case for Internal Testing
June 17, 2025
Most companies run external penetration tests to meet compliance requirements, but those only tell part of the story. Internal pentests reveal what could happen if an attacker gets inside your network, and most security frameworks assume they eventually will. In this post, we explain the difference between external and internal penetration testing, why both matter, and what we see in real-world environments.
Read
Security Control Validation: Why Testing Once Isn’t Enough to Stop Threats
May 1, 2025
Traditional security assessments and out-of-the-box tool configurations aren’t enough to protect against adversaries. Organizations need continuous security control validation — real, ongoing testing to ensure their defenses are detecting and stopping threats before damage is done.
Read
Beyond MITRE ATT&CK Coverage: How Proactive Testing Turns Frameworks Into Real Defense
April 14, 2025
Most security teams talk about MITRE ATT&CK coverage. But attackers don’t care about your roadmap. Here’s how OnDefend combines penetration testing, attack simulations, and tabletop exercises to proactively validate security controls and prepare teams for real-world threats.
Read
Tackling the Ransomware Pandemic: Healthcare Security Leaders Team Up with OnDefend for a New Defensive Approach
March 25, 2025
A collaboration with hospital systems and their leaders, OnDefend's new Ransomware Defense Validation service reimagines defense strategies through proactive and continuous security control validation.
Read
Why Secure Email Gateways Fail (and What You Can Do About It)
March 4, 2025
Secure Email Gateways (SEGs) are supposed to stop phishing and ransomware, but attackers still find ways through. Learn why SEGs fail, how misconfigurations leave gaps, and why continuous testing is the key to better email security.
Read
