UnderDefense MAXI Platform
UnderDefense is a cybersecurity company that offers services to help businesses protect against cyber threats.
-
A security-as-a-service platform that integrates with a business's security infrastructure. It includes threat detection, incident response, and compliance automation.
This post shows the MAXI platform's screenshots for each of their menus.
Dashboard
Services
Free, Cloud
CIS AWS Benchmark assessment
Evaluate your AWS environment for CIS AWS Foundations Benchmarks compliance. Running your servers and databases on AWS means that it is like a home for your sensitive data. Make sure to install an alarm system and locks on your door to prevent theft - evaluate the risks and mitigate them.
Free, Cloud
CIS Azure security assessment
Audit your Azure environment for compliance with Azure security assessment. As one of the most popular cloud solutions for corporate environments, Azure demands flawless configuration for security and compliance. Therefore, access to swift Azure assessment is an essential tool to meet high cloud security requirements.
Free, Cloud
CIS GCP Benchmark assessment
Assess your GCP environment against the CIS Google Cloud Platform Foundation Benchmarks to enhance your cloud security and improve compliance. Ensure the protection of your sensitive data and services hosted on GCP while staying vigilant about potential vulnerabilities.
Free, Cloud
CIS Kubernetes Benchmark assessment
Protect your Kubernetes deployments from cyber threats using these CIS Benchmarks
Premium, Consulting
Cyber Insurance plan
Shield your business from the ever-evolving cyber threat landscape with a comprehensive cyber insurance policy. This robust coverage safeguards your organization from the financial fallout of cyberattacks, including data breaches, business downtime, regulatory fines, and cyber extortion. Additionally, you gain access to a team of cybersecurity experts and incident response services to effectively navigate cyberattacks and minimize their impact.
Free, Ethical hacking
External vulnerability scan
Secure your organization with our External vulnerability scan service. Our advanced surveillance technology detects threats and vulnerabilities, ensuring comprehensive protection. With our External vulnerability scan service, you can stay one step ahead of potential risks, allowing you to focus on what matters most – your organization's success.
Premium, Compliance
ISO 27001 certification audit
Experience a seamless journey to ISO 27001 certification with expert third-party accredited auditors. A streamlined process ensures minimal disruptions to your operations, providing you with a hassle-free certification.
Premium, Compliance
ISO 27001 preparation by security expert
Enhance your ISO 27001 preparation with the expertise of our seasoned security professionals. Leverage our hands-on experience to identify and address gaps, deficiencies, and potential concerns. Allow us to manage the entire process, from meticulous data collection to strategic stakeholder coordination, ensuring your comprehensive readiness for the ISO 27001 audit.
Premium, Ethical hacking
Penetration testing
See deeper into your security with penetration testing services driven by people and boosted by technology. Test your systems, people, and processes. Meet compliance requirements. Get the most comprehensive report covering your blind spots and actionable steps on how to remediate them.
Premium, Ethical hacking
Ransomware simulation
Leverage the skills of certified ethical hackers to perform 100% harmless simulations of real ransomware and crypto mining infections. Assess the viability of your existing network protection and check if your internal systems are vulnerable by running 22 ransomware infection scenarios.
Starting from: $945
Premium, Compliance
SOC 2 preparation by security expert
Make your preparation for the SOC 2 audit clear and efficient. Use our hands-on experience to discover your deficiencies, gaps, and other potential red flags. Let us take on everything from collecting facts to coordinating with stakeholders, supervising the remedial measures, and making you 100% ready for the SOC 2 audit.
Starting from: $7200
Premium, Compliance
SOC 2 Type 1 examination with report
We begin by defining the scope, encompassing the tech stack, data flow, infrastructure, business processes, and people involved. Next, we diligently collect all the necessary documentation and identify the applicable Trust Services Categories (TSC) to ensure a comprehensive audit.
Starting from: $7200
Premium, Compliance
SOC 2 Type 2 examination with report
We begin by defining the scope, encompassing the tech stack, data flow, infrastructure, business processes, and people involved. Next, we diligently collect all the necessary documentation and identify the applicable Trust Services Categories (TSC) to ensure a comprehensive audit.
Starting from: $7200
Premium, Ethical hacking
Vulnerability assessment
Detect and classify vulnerabilities in your systems, applications, and networks before criminals do. Hire our penetration testing team to carry out real-world cyberattacks on your environments and proactively prevent the risks that current gaps pose to your organization.
Starting from: $7200
Reports
Penetration testing
Web application penetration testing
This report presents the results of the “Grey Box” penetration testing for [CLIENT] web application.
Cloud, Compliance, Assessment
Microsoft Azure Security Assessment Report
This assessment aimed to evaluate the current security configuration of an Azure environment
Cloud, Compliance, Assessment
CIS AWS Foundation Benchmark Security Assessment Report
This assessment aimed to evaluate the current security configuration of an AWS environment against CIS AWS Foundation Benchmark v1.5.0
Penetration testing
Black box penetration testing
This report presents the results of the “Black Box” penetration testing for bitcoin exchange company web application.
Cloud, Compliance, Assessment
CIS GCP Foundation Benchmark Security Assessment Report
This assessment aimed to evaluate the current security configuration of a GCP environment against CIS Google Cloud Platform Foundation Benchmark v2.0.0
Compliance, Assessment
SOC 2 Type 1 Report
This report reviews the design of your organization's internal controls. It assesses your organization's SOC 2 compliance posture and determines whether the implemented controls meet the framework's requirements.
MDR, Threat detection & response
30 days MDR impact report
See the tangible results you can get from our MDR service in a comprehensive impact report: threat mitigated, risk reduced, and more.
Penetration testing
Gray box penetration testing
Penetration testing was conducted against a website provided by Customer on 04th of May 2020.
Assessment, Compliance
IT & Security Program Gap Analysis Report
Assessments of the organization's information security level and compliance with SOC2 and GDPR. It reviews ISMS, processes, tools, and resources, identifies security gaps, prioritizes risks, and offers mitigation recommendations.
Compliance
ISO 27001 assessment
[CLIENT] has requested that UnderDefense MAXI, as an independent and trusted cyber security partner, conducts an assessment and analysis of the current state of the information security program of the organization and its compliance with ISO 27001:2013 standard.
Compliance
NIST CSF assessment
[Name of company] has requested that UnderDefense MAXI, as an independent and trusted cyber security partner, conducts an assessment and analysis of the current state of the information technology security program of the organization and its compliance with NIST cyber security framework
Penetration testing
API penetration testing
This report presents the results of the “Grey Box” penetration testing for [CLIENT] REST API.
Response Automation
Free
Vulnerability
Notification
External risks scan
Our playbook conducts regular scans of your organization's external perimeter to pinpoint vulnerabilities swiftly. Designed for proactive vulnerability identification and remediation, it fortifies your security posture. Results are conveniently available in the 'External Risks' section, ensuring that your defenses remain strong.
Trigger:
- A new corporate account has been created on the UnderDefense MAXI platform (from UnderDefense MAXI)
Automated scan:
- Assets discovery: Domain, subdomain, IPs and relevant keywords associated with the organization
- Dark Web scanning: The dark web mentions for any related mentions of the domain
- Leaked credentials scanning: Check for leaked credentials, focusing on emails and sensitive information
- Weak passwords scanning: Check for passwords that do not comply with security requirements
- Certificates scanning: Check for common misconfigurations or vulnerabilities of SSL certificates
- Domain scanning: Verify domain reputation based on various criteria like historical behavior, security incidents, and online presence
- Email authentication: Verify the presence of email authentication misconfigurations: SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting, and Conformance) protocols
Response:
- If risks are detected:
  - Create incidents: Collect all relevant details of the identified risks in the incident, assign incident severity based on the potential impact
  - Repeat scan in 7 days: Schedule a recurrent scan of the external perimeter to ensure continuous monitoring for potential risks
  - Send notification to the tenant admin (by email): Provide recommendations and suggested actions to mitigate the risks.
Free
Malware
Isolation
Enrichment
Ransomware attack response
In the event of a ransomware attack, our playbook takes decisive action. We identify, contain, and isolate infected systems, followed by data restoration from backups and system rebuilding. After addressing the incident, we promptly inform stakeholders, providing updates and addressing concerns, ensuring that your organization remains resilient.
Trigger:
- New “Host ransomware infection” alert (from [EDR integration])
Enrichment:
- Discover information about the affected user: name, department, manager
- Discover information about the affected host: geolocation, AD domain, type, OS, IP, open ports
- Discover information about the parent process: path, signature
- Get ransomware hash details: VirusTotal score, family, OTX pulses
- Lookup for the same hash on other hosts (from [EDR integration])
Response:
- Quarantine and kill the threat (by [EDR integration])
- Isolate the host from the network (by [EDR integration])
- Send notification to the client (by [EDR integration])
Free
Malware
Enrichment
Notification
Host malware infection response
Our automated incident response playbook for host malware infections is your proactive defense. It swiftly isolates affected systems, conducts in-depth threat analysis, and ensures secure restoration. This streamlined approach enhances security while minimizing manual intervention, keeping your organization resilient against host malware threats.
Trigger:
- New “Host malware infection” alert (from [EDR integration])
Enrichment:
- Discover information about the affected user: name, department, manager
- Discover information about the affected host: geolocation, AD domain, type, OS, IP, open ports
- Discover information about the parent process: path, signature
- Get ransomware hash details: VirusTotal score, family, OTX pulses
- Lookup for the same hash on other hosts (from [EDR integration])
Response:
- If alert severity is high or alert severity is critical and malware is not prevented:
  - Quarantine and kill the threat (from [EDR integration])
  - Isolate the host from the network (from [EDR integration])
  - Send notification to the client (by [Notification channel])
- Else, if alert severity is high or alert severity is critical:
  - Send notification to the client (by [Notification channel])
Premium
Notification
Vulnerability
Critical vulnerability response
Our playbook outlines a systematic approach for identifying and mitigating critical vulnerabilities in your IT infrastructure. It includes steps for vulnerability scanning, risk assessment, prioritization, and remediation. This ensures that high-risk vulnerabilities are addressed promptly and efficiently, reducing exposure to potential threats and enhancing overall security.
Premium
Network
Data exfiltration response
Our comprehensive data exfiltration incident response playbook swiftly detects and contains unauthorized data transfers. It isolates compromised systems, conducts in-depth analysis to uncover the source and extent of exfiltration, and implements effective containment measures. With thorough remediation steps, it secures affected systems and minimizes data exposure, ensuring robust protection.
Premium
Email
Enrichment
Phishing email response
The Phishing Email Incident Response Playbook provides rapid identification and mitigation of phishing threats, ensuring timely detection and containment measures. Through in-depth analysis, it determines the scope and origin of the threat and comprehensive remediation steps to secure affected accounts, minimizing exposure and enhancing your organization's security.
Premium
Identity
SaaS
Notification
Suspicious user logins response
We gather crucial details about target users and source IPs, including reputation and geolocation. Our playbook, in response, locks out users if source IPs exhibit negative traits, notifies clients through selected channels, and safeguards your environment from threats.
Premium
Identity
SaaS
Notification
Bruteforce to accounts response
Our playbook manages SIEM events indicating external account brute force attempts. Acquiring vital context and notifying clients once specific conditions are met ensures your organization's account security. Protect your systems from brute force attacks with our efficient playbook.
Premium
AWS
AWS Incident response orchestration
Automated Security Response on AWS is an add-on solution that works with AWS Security Hub integration on UnderDefense MAXI to provide a library of automated playbooks. The solution makes it easier for our customers to resolve security findings and improve their cloud security posture.
Other On Demand hunt
Phishing Email
IP and Domain Analysis
Suspicious File analysis
Threat Hunting