Berezha Security Blog

Critical Vulnerabilities We Had Found in 2019

Berezha Security is a rather small offensive security consultancy focused around high quality of results and long-term partnerships with every client. However, we find a lot of bugs, too, so we try to keep you up to date with what we find. Last year we listed Top-5 flaws that have let us into the clients’ infrastructure. This year we have decided to publish all the bugs that made us stop all pentesting activities, report the findings, and work with the clients to fix them as soon as possible. We rate this kind of bugs as Critical and deem them as all-stop events, the same way we treat finding an “incident in action” or obtaining access to large amounts of highly-sensitive data. So the bugs that made us freeze in 2019 are.

read more

Here we grow: Berezha Security is hiring!

Dear cybersecurity community, we are happy to start 2020 by opening a position of Penetration Tester in our Kyiv office. To submit your resume, go to and select ‘‘Work at Berezha” in the contact form. Please make sure you provide a URL to your CV or just send a copy to [email protected] Although we will carefully review and consider all received CVs, we guarantee an invitation for the interview to the professionals who demonstrated any of the following achievements…

read more

Berezha Security turns 5 today!

We send warm thanks to all our customers and partners: we greatly appreciate the trust you put in us and we will go on doing our best to meet your expectations! We greatly appreciate the work our team puts into the services we provide and we are proud to have every...

read more

Top 5 Things Companies Don’t Do for Security

In one of our previous posts, we wrote about the top 5 ways to get hacked that were extremely popular last year. This post is about the top 5 ways to protect yourself and your customers that companies could benefit from but they don’t.

read more

Free Startup Security Health Check

Startup Security Health Check - a free consulting day from Berezha Security for Ukrainian* startups. We decided to offer a one-day workshop to Ukrainian startups to test their security level. Free of charge. The thing with startups is not that they do not spend money...

read more

The Difference Between Organization and Product Security

Among Ukrainian organizations, we get the most requests from IT companies, and in this post, I want to talk about some accumulated experience. Quite possibly, it will be useful to other organizations in this business, and maybe organizations from other sectors. So if you know a CIO/CTO from an IT-firm, show them this text. It was written for them.

read more

+380 (44) 364 7336    +1 (315) 303 2323

6 Nimanska St., 41, Kyiv, Ukraine 01103

77 Sichovykh Striltsiv St., Kyiv, Ukraine