Identify threats before they attack

OnDefend strengthens our client’s security posture by providing the preventative security testing, consulting and vulnerability management tools they need to reduce their risk and decrease their vulnerable IT surface area.

Identify threats before they attack

OnDefend strengthens our client’s security posture by providing the preventative security testing, consulting and vulnerability management tools they need to reduce their risk and decrease their vulnerable IT surface area.

OnDefend - Cyber Security

We have what you need

We provide innovative, creative and proven information security services that improve our client’s overall security posture, reduce their risks and defend against continually evolving and persistent cybercriminals and adversaries.

Advanced Email Phishing

Prepare your human firewall for phishing attacks

Your employees are your “human firewall” and are targeted first in cyber-attacks. We will test to see how your employees perform against real business email compromise tactics.

We Test To See If Your Employees Will:

1. Download dangerous files that execute malware and ransomware.

2. Link to dangerous sites with malicious executables.

3. Provide login credentials to systems that house your systems and data.

Employee Training

What You Get

  • Monthly Testing & Training

  • Trends

  • Access to our proprietary Attack Identification solutions

All results are available via our Risk Removal Portal

Risk Removal Portal

Your Risk Removal Portal provides:

  • All security findings

  • Remediation recommendations

  • Remediation management functionality

  • Overall security trends and improvements

Application Security Testing

Verify your applications are ready for an attack!

We simulate a cyber-attack on your web or mobile applications to prove they are secure.

Tests We Provide:

1. Dynamic Security Test – We identify security vulnerabilities that can be exploited to obtain unauthorized access, access to sensitive data or deny the service of the application.

2. Statis (Code Based) Security Test – We pinpoint root causes of security vulnerabilities in source code, receive prioritized results sorted by severity of risk, and provide guidance on how to fix vulnerabilities in line-of-code detail.

Application Security Testing

What You Get

Comprehensive Report includes:

  • Detail of how each finding was identified and confirmed

  • Effective remediation recommendations

  • A full narrative of the engagement

  • Severity Rankings

  • Detailed recommendations of additional detection strategies

  • Identification of effective controls that prevent attacks

All results are available via our Risk Removal Portal

Risk Removal Portal

Your Risk Removal Portal provides:

  • All security findings

  • Remediation recommendations

  • Remediation management functionality

  • Overall security trends and improvements

Cloud Security Services

Prove your cloud environment is secure

We provide the security cloud services your organization needs to know that your environment, systems, and data are secure.

Our Cloud Services Include:

1. Cloud Security Assessment – We identify threats caused by misconfigurations, unwarranted access, non-standard deployments and other vulnerabilities.

2. Cloud Penetration Assessment – We use the latest in tactics, techniques, and procedures (TTPs) to perform both un authenticated and authenticated security testing of your cloud environment.

3. Cloud Migration Consulting – We will help you migrate some of the physical servers or your entire data center to the cloud allowing you to maintain cloud data ownership, control, security, and visibility.

Cloud Security Services

What You Get

Comprehensive Report includes:

  • Details on how each finding was identified and confirmed

  • Effective remediation recommendations

  • A full narrative of the engagement

  • Severity Rankings

  • Detailed recommendations of additional detection strategies

  • Identification of effective controls that prevent attacks

All results are available via our Risk Removal Portal

Risk Removal Portal

Your Risk Removal Portal provides:

  • All security findings

  • Remediation recommendations

  • Remediation management functionality

  • Overall security trends and improvements

Compliance Consulting

Do you have an industry compliance requirement to meet?

We will help you meet your industry compliance standards on your timeline and within your budget.

We Have Experience With:

– NI ST CSF – NIST 800-53 – NIST 800-171 – FedRAMP – FISMA – SOX – HIPAA/HITECH – GDPR
– SOC1 – ISO27001 – NYDFS – SOC3 – GLBA – PCS/DSS – HITRUST – CCPA – SOC2 –

And more…

What You Get

  • Compliance requirements met on your timeline

  • Budgetary requirements met

  • A true compliance management partner

  • Access to our Compliance Management (GRC) Platform

  • Identification of effective controls that prevent attacks

Vmanage Image:

  • See our findings and recommendations

  • Track your risk removal process

  • View trends and overall security improvement

  • View Demo

Comprehensive Risk Assessment

Want Visibility into Your Cyber Risks?

We provide a full risk assessment that identifies your cyber security vulnerabilities as well as recommendations to remove these risks along with a Comprehensive Security Roadmap.

What We Assess:

1. Policies and Procedures – We review and identify gaps in your current policies and procedures.

2. IT Asset Inventory – We review all tools and systems currently in use within your organization.

3. Network Vulnerability Test – We perform extensive testing on your network to look for any weaknesses.

4. 30-Day Employee Phishing Test – We test your employees’ response to potentially malicious emails.

Comprehensive Risk Assessment

What You Get

Comprehensive Report includes:

  • Identified Security Risks

  • Network Vulnerability Assessment Results

  • Email Phishing Results

  • Recommendations & Security Roadmap

  • Access to our Risk Management Platform

All results are available via our Risk Removal Portal

Risk Removal Portal

Your Risk Removal Portal provides:

  • All security findings

  • Remediation recommendations

  • Remediation management functionality

  • Overall security trends and improvements

  • Access to our Risk Management Platform

Incident Response Readiness

Prove that your organization can respond to a cyber breach

We will verify that your company can respond to and recover from a successful cyber-attack.

What We Do:

1. Review your current Incident Response Plan to make sure it matches your technology, stakeholders and overall environment.

2. Proving the plan will work by simulating events with tabletop exercises.

3. Updating your plan so you can be confident it will work in real-time

If you do not have an incident response plan, don’t worry, we can build one for you.

What You Get

Comprehensive Report includes:

  • Executive Summary

  • Findings and Recommendations

  • Update & Actionable Plan

All results are available via our Risk Removal Portal

Vmanage Image:

  • See our findings and recommendations

  • Track your risk removal process

  • View trends and overall security improvement

  • View Demo

Network Penetration Testing

Test your security defenses before the bad guys do!

We simulate cyber-attacks on your network to prove if critic al systems can be exploited, sensitive data accessed and whether your defensive controls are working as expected.

Tests We Provide:

1. Network Penetration Testing (White Box) – We simulate a cyber-attack on your network to prove whether critical systems can be exploited and if sensitive data was accessed.

2. Attack Simulation Testing (Black Box) – We simulate a stealthier version of cyber-attack on your network to no t only prove what damage could be done, but if your security defenses will detect and alert as expected.

What You Get

Comprehensive Report includes:

  • Details on how each finding was identified and confirmed

  • Effective remediation recommendations

  • A full narrative of the engagement

  • Severity Rankings

  • Detailed recommendations of additional detection strategies

  • Identification of effective controls that prevent attacks

All results are available via our Risk Removal Portal

Risk Removal Portal

Your Risk Removal Portal provides:

  • All security findings

  • Remediation recommendations

  • Remediation management functionality

  • Overall security trends and improvements

Ransomware Attacks Are Inevitable

Due to Treasury decree of not negotiating with cyber criminals, your business could stop for good. Over 160 million ransomware attacks occur in the US with more coming, as FBI warns US businesses of “imminent” ransomware attacks on the rise.

Be prepared!

The only way to truly prepare for a real-world ransomware attack is to simulate the exact tactics used by malicious professionals and analyze your organization’s response.

Ransomware Attack Simulation

Unlike a Penetration Test, a Ransomware Attack Simulation Will:

  • Prove access can be gained through your employees and external defenses

  • Demonstrate how your security tools will respond to these types of attacks

  • Show how ransomware could spread & encrypt data throughout your organization

OnDefend shows you how to remove your ransomware weaknesses before cyber criminals can exploit them.

What You Get

We test how your organization’s technical and human defenses would respond to a ransomware attack by simulating and emulating real-world ransomware tactics.

  • We simulate an advanced ransomware phishing attack to verify if your email security, firewalls, and employees detect and prevent the breach.

  • Our advanced Business Email Compromise (BEC) tactics impersonate trusted people and companies.

  • We prove if your endpoint security solutions detect and prevent simulations of real-world ransomware attacks.

  • We map which devices and data are available for encryption as well as how quickly ransomware can spread.

  • We provide screenshots of all devices accessed as proof of execution and weaknesses.

Risk Removal Portal

Your Risk Removal Portal provides:

  • All security findings

  • Remediation recommendations

  • Remediation management functionality

  • Overall security trends and improvements

Ransomware Readiness Assessment

Don’t Get Locked Out

– It Will Cost You –

In today’s world, you must assume a ransomware attack is inevitable. What you do today can help secure your organization’s future – and we are here to help.

1. Ransomware Risk Review – We identify risks that will allow these attacks to infect your company and lock you out of business.

2. Ransomware Attack Simulation – We test your employees to show if they will fall victim and what data would be encrypted.

3. Ransomware Responsive Evaluation – We verify that your company can respond and recover from a successful attack so you can maintain business continuity.

What You Get

Our Comprehensive Report Includes:

  • Ransomeware Simulation Results

  • Network Vulnerability Assessment Results

  • Security Controls & Incident Response Risks

  • Recommendations & Ransomeware Ready Roadmap

All results are available via our Risk Removal Portal

Risk Removal Portal

Your Risk Removal Portal provides:

  • All security findings

  • Remediation recommendations

  • Remediation management functionality

  • Overall security trends and improvements

Security Project Consulting

Get the security assistance you need

We will help you with your specific security needs on a one-time or ongoing basis.

We Can Help You With:

Security Tool Assessment
New Security Tool Rollout
Policy & Procedure Development/Updates Systems, Data, & Asset Identification
System Access Control
Computer and Network Management
System Dev Lifecycle

System Configuration Management (hardware and software maintenance)
System Authorization
Privacy and Data Protection
Incident Response
Business and Data Protection

And More

What You Get

  • Project completion and satisfaction

  • Budgetary requirements met

  • A true information security partner

All results are available via our Risk Removal Portal

Risk Removal Portal

Your Risk Removal Portal provides:

  • All security findings

  • Remediation recommendations

  • Remediation management functionality

  • Overall security trends and improvements

Virtual Chief Information Security Officer

Get the fractional help you need to mature your security program.

We provide fractional information security leadership helping your company manage and mature your security program within your timeline and budget.

What We Assist With:

1. Identify and Prioritize your security program needs.

2. Develop a roadmap to accomplish those needs.

3. Share and Collaborate as one unified team.

4. Track action items, risks and tasks and measure progress.

5. Centralize reports that are easily shared with executives, board members, etc.

Virtual Chief

What You Get

  • Security leadership you can count on

  • True movement up the security curve

  • A true information security partner

All results are available via our Risk Removal Portal

Risk Removal Portal

Your Risk Removal Portal provides:

  • All security findings

  • Remediation recommendations

  • Remediation management functionality

  • Overall security trends and improvements

Vulnerability Management

Remove your network’s exposed risks

We will identify all exploitable vulnerabilities on your network every month, providing real-time results, risk scores and risk removal recommendations.

What We Do:

We will identify all exploitable vulnerabilities on your network every month, providing real-time results, risk scores and risk removal recommendations.

Our vulnerability management is as easy as 1-2-3:

1. We ship you our Sentinel
2. You plug our Sentinel into your network
3. V MANAGE starts testing your vulnerabilities

What You Get

Comprehensive Report includes:

    • Real-time vulnerability findings

    • Remediation recommendations

    • Remediation prioritization

All results are available via our Risk Removal Portal

Risk Removal Portal

Your Risk Removal Portal provides:

  • All security findings

  • Remediation recommendations

  • Remediation management functionality

  • Overall security trends and improvements

Companies We Serve

Discover Your Vulnerabilities Before Someone Else Does

Take the initiative and defend your company against cyber attacks before they happen using OnDefend’s preemptive cyber defense solutions.