It’s good to have a hobby. It’s better if you share it with someone. It’s even better when you share it with colleagues and rediscover your teammates. It turned out that part of the Berezha Security team enjoys running. So no wonder we decided to participate in Wizzair Kyiv City Marathon. Let’s see, whose photo you like the most 🙂

Berezha Security turns six years old! Indeed, this year was the weirdest one with its challenges and all the changes happening in the world. However, it was still a good year: we completed over 50 projects and continued to grow.

A year ago, prior to the COVID-19 pandemic, probably very few people could imagine how the world would change. Working from home, remote business meetings, online events, and digital concerts are only some examples of the new normal. The things we could not imagine to go virtual very much did, to everyone’s surprise. Is remote audit possible without sacrifice on quality? Is onsite audit more a cultural thing or a real need? These are questions that arise; let’s try to look for the answers together.

Safety Detectives has recorded an interview with Vlad Styran, VP & Co-founder of Berezha Security: you can read its full transcript on their website.

Do you pentest against PCI DSS? Do you test for OWASP Top 10? Are Berezha Security reports ISO27001 compliant? These are just a few stunning questions we often hear from our future customers. Although they often sound naive, we have to elaborate on these questions. Otherwise, if our clients knew as much as we do, why would they need us? So, in this post, we share some of the frequent customer questions from our presale experience. How many of them are also on your list?

Every crisis is an opportunity in disguise. What companies benefited the most since the outbreak of COVID-19? Most probably, Zoom is on the shortlist. Indeed in the times of the new remote normal, communication becomes a critical part of your life. The number of daily Zoom meeting participants surged from 10 million in December 2019 to 300 million in April 2020. With popularity came attention to the security of the platform. No wonder that with this attention came news of security flaws found in the product. Probably, having end-to-end encryption (E2EE) implemented platform-wide would allow avoiding some of the issues. Let’s take a closer look at this.

In cybersecurity, several terms are closely related to each other, such as application security, security audit, security assessment, and penetration test. They are often misunderstood even by cybersecurity professionals. We must speak the same language as our customers and colleagues, so we decided to elaborate on them. Hopefully, you will be able to distinguish them when done reading this post.

GitHub, one of the leading source code hosting services, announces the launch of a static code analysis add-on. Will this become the “silver bullet” for creating vulnerability-free software? Let’s take a look.

Everyone loves getting new customers and projects. However, not everyone knows at what cost we have them. And I’m not talking about sales effort right now. I’m talking about the bureaucracy, which is an inevitable companion of a new deal. I’d like to share some of the issues we often have during the contract closure and give a couple of advice on dealing with them.

Останнім часом ми отримали ряд запитань про кіберінцидент у компанії SoftServe. Дякуюмо всім за увагу та турботу. Ми не будемо коментувати факт компрометації інфраструктури SoftServe, адже це прерогатива керівництва цієї компанії. Натомість хочемо надати факти, які стосуються компанії Berezha Security у цьому контексті.