OnDefend Newsletter: Edition 2

May 15, 2023 By Lauren Verno, Vice President of Communications

It’s already May, and I know I’m not alone when thinking, “how did we get here? ” It’s been a hot minute since we last caught up, and there’s a lot to go over. From our threat-informed pentest webinar, BlindSPOT updates, and OnDefend in the news, let’s get started.

Threat-Informed Pentest Webinar Recap

Whether you’re new to OnDefend or have been around for a while, you’ve likely heard the phrase “traditional pentesting is no longer enough.” Budgets are thinner than ever, and hackers are as skilled as ever, which means companies need to be tactical about their investments. Traditional pentesting is necessary, but focusing those efforts on industry-specific threat actors is what we believe will give companies that edge. Go ahead and check it out for yourself; the full webinar recording is up right now.

Watch here: Threat-Informed Pentesting: Preparing for Threats Targeting Your Industry

Better Together

We’re off the ball in the game! OnDefend CEO Chris Freedman and CTO Ben Finke met with our partner DeepSeas in Cincinnati last month. OnDefend co-sponsored a night out to the Cincinnati Reds game, where we got to discuss how BlindSPOT enables Deepseas customers with breach & attack simulation capabilities.

If you’re ready to dive deeper into BAS, Deepseas VP Josh Nicholson & OnDefend CTO Ben Finke explore breach & attack simulations on “Cyber Control Testing: New Purple Teaming Revolution.” You can listen to the full podcast on Cyber Security America here: Cyber Control Testing: New Purple Teaming Revolution


Supply chain attacks might be one of the most elusive, engaging, and relevant cyber-attacks to talk about. This is why we obviously had to jump at the chance when ITProTV reached out to talk all things supply-chain. Check out CTO Ben Finke’s conversation with ITProTV’s Daniel Lowrie here: ITPro LIVE with Daniel Lowrie and Ben Finke

OnDefend In The News

A huge congratulations are in order for OnDefend CTO, Ben Finke being named one of Jacksonville’s 2023 Ultimate Tech Leaders!

“ The past few years have been a challenging time for those that are tasked with guiding their organizations as they implement new solutions, take advantage of new opportunities, and figure out a path to the future. The work these leaders do is vital, both to their organizations and for the growth of the local economy.” – Jacksonville Business Journal

First Coast Inno – Here are Jacksonville’s 2023 Ultimate Tech Leaders (bizjournals.com)

A not-so-elaborate cyber-attack could cost taxpayers 1.4 million. OnDefend CEO Chris Freedman spoke with Fox13 Tampa Bay about how scammers were able to pull off the attack and why it’s unlikely the money will be recovered.

Manatee County falls victim to cybercrime that could cost taxpayers $1.4 million (fox13news.com)

You’ve likely heard the phrase, “If the app is free, you are the product being sold.” While we never recommend giving away sensitive information, we realize that sometimes giving your name or even email address is inevitable when signing up for an app. But, when WJXT News4Jax reached out about a new app that seemed to ask for everything under the sun, CTO Ben Finke has a warning for the viewers at home.

A warning from cyber security experts about the TEMU app (news4jax.com)

The White House Cybersecurity Directive was released earlier this year. As a cybersecurity company, we are genuinely excited and optimistic about the plan, but actions speak louder than words. The main question in the end is, will it make a difference? Check out our full take on Forbes.


Other News featuring OnDefend:

16 Effective Strategies To Collect Feedback On New Internal Tech (forbes.com)

14 Specialized Tech Leadership Roles That May Emerge In The Next Decade (forbes.com)

16 Business And Consumer Tech Tools Experts Say Everyone Will Be Using Soon (forbes.com)

16 Leaders’ Tips To Help Tech Pros Better Communicate With Non-Tech Experts (forbes.com)


I could go on for days about why BlindSPOT is one of the best BAS tools in the market today. It’s a one-stop shop tool that allows partners to simulate cyber-attacks, visualize a company’s security control “blind spots,” and remove security risks. One of the many reasons Plextrac and Market Research Access Services recently recognized the tool for its innovation.

30+ of the Most Popular Penetration Testing Tools in 2023 – PlexTrac

And now a word from the BlindSPOT guru himself, CTO Ben Finke…

Hello! Tons of things happening in the BlindSPOT world, but let’s dive into a few things that you should know:

Alert Validation in Beta

We spend a lot of time using BlindSPOT to test our defenses and build alerts using our security tool data that help us find malicious activity.  But, how do we make sure that detection pipeline works? Enter Alert Validation!

Alert Validation leverages the BlindSPOT capabilities you already know and love to generate real activity on an endpoint, and then BlindSPOT connects to your security tools.  We check to make sure 1) the log data shows up as expected, 2) the alert analytic fires as expected, and 3) it all happened within a timeframe that is acceptable to you.  This whole process is completed automated, with notifications for a failure at any step.  Its uptime testing for your detection pipeline! Available now for Microsoft Defender for Endpoint and Azure Sentinel, with more security tools to be added in the future!

Automated Plextrac Runbooks V2 Integration

We’re big fans of what the team at Plextrac is doing, and we’re pleased to release our full integration with the Plextrac Runbooks V2 feature.  Simply, connect BlindSPOT to your Plextrac instance, and then we can push any completed BlindSPOT campaign into Runbooks, even if you don’t have the Test Plan built for it yet (we’ll take care that for you!).  No need to worry about exporting and importing files, it’s a simple button in BlindSPOT to send the campaign results into your Plextrac instance!

Updated Agent and Payload Builder

We’ve rebuilt our Unified Payload Builder, allowing us to begin chaining additional transformation capabilities for agents and payloads.  We’ve already added an automated obfuscation feature for both payloads and agents, and we’ve got a lot more improvements on the way (packed PE files, DLL unhooking, and more!).

Anybody else feel like we just scratched the surface? That’s because we did. Stay tuned for this bi-monthly newsletter, for all of OnDefend’s latest and greatest.

If you want to stay in the loop about what’s happening at OnDefend, including our upcoming webinars, the latest cybersecurity trends, and product updates, then follow us on Facebook, Twitter, and LinkedIn @ondefend.


Connect with Us to Stay in Touch