DERUUA

Website map

Map mode: short, detailed, auto.

/ Cybersecurity of your applications, websites, networks, and organizations
What is penetration testing, and why it is the most effective way to ensure the information security of your websites, applications, networks, and organizations. Get a free consultation right now!

     /cyber-7 Seven analogies between cyber and physical diseases
Cybersecurity is cyber health. There are stages, factors, and symptoms of “diseases” affecting systems and organizations, similar to diseases of the body. H-X diagnoses “diseases” affecting systems and organizations just as specialized laboratories diagnose diseases in your body.

/about About H-X cybersecurity team. What makes us different. Company management. Competence. Certificates
Our competences and certificates on security and penetration testing.

     /vuln-mgt How to organize the full cycle of information security vulnerability management
To avoid serious security incidents, data leakage, business disruption, money loss and damage to your reputation, you should eliminate or remediate technical vulnerabilities as soon as possible.

/cases Case studies of completed projects. Our customers and their testimonials
Case studies of security assessment projects and penetration tests. Logos of our clients and their feedbacks.

/services Security assessment, implementation, compliance, training, and other services. Free and paid cybersecurity services
GRC services: Audits and Implementation of ISO 27001, VDA ISA, ENX TISAX®, PCI DSS, GDPR, etc.; Remote CISO and Security Team Extension and other services. IT and IT Security Services: Vulnerability Scanning, Pentests; Application Security; Website Protection, Monitoring and Incident Response; Security DevOps Express SOC; Training on Secure Software Development; Software Engineering; Security Analysis of Software Source Code; Development and Audit of Smart Contracts; Forensic Investigations.

     /assess Information security assessment services
Assessment of organizational and technical security. Security audits. Vulnerability scanning. Penetration testing.

          /scan Vulnerability Scanning and Monitoring online
Free of charge, automated vulnerability scanning and a cheap subscription for daily security monitoring of websites.

               /scan-tou Terms of Use for Vulnerability Scanner
Usage rules for our free of charge Vulnerability Scanner.

               /scan-guide Vulnerability Scanner User Guide
Easy guidance for users of our free of charge Vulnerability Scanner.

          /code-review Security Analysis of Source Code
Get an outstanding level of security with our automated and manual analysis of your source code! You never get such a level of assurance with penetration testing, automated code audit or any other security activities. This service can be delivered as a separate project, in combination with white-box penetration testing or as a part of Application Security or Security Assessment services.

          /sc-audit Smart Contract Audit
We review and verify project specifications and source code of smart contracts to assess their overall security, with a focus on weaknesses and potential vulnerabilities. We complement our findings with solutions that mitigate the risk of future attacks or loopholes.

     /compliance Implementation and managed compliance with ISO 27001, PCI DSS, VDA ISA, and other security standards and regulations
ISO 27001 and PCI DSS compliance services: audits, gap analysis, development of the implementation plan, certification and maintenance.

          /27001 Online Wizard for ISO 27001 Compliance Assessment
Check within 10 minutes the extent to which your company complies with ISO 27001 and what is still needed to achieve full compliance.

          /TISAX Implementation of VDA ISA and ENX TISAX®
Implement the VDA ISA security standard, pass the audit and obtain ENX TISAX® certification, and find new opportunities in the automotive industry.

               /VDA-TISAX Details on implementation of VDA ISA and obtain ENX TISAX® certification
We are proud that we have completed one of the first ENX TISAX® certification projects in Ukraine. After that, we used our experience in other ENX TISAX® implementations. We were the first and remain the best!

               /check-TISAX VDA ISA and ENX TISAX® Compliance Assessment Online Wizard
Check within 30 minutes to what extent your company complies with the requirements of VDA ISA standard and ENX TISAX® mechanism.

     /pci-dss-gdpr Implementation and managed compliance with PCI DSS, GDPR, and other security regulations and standards
PCI DSS and GDPR compliance services: audits, gap analysis, development of the implementation plan, certification and maintenance.

     /SOC Security Operations Center (SOC)
Security is not a state but a process. It is impossible to ensure security once and for all, but it must be maintained and improved constantly. We offer you a continuous subscription for our Security Operations Center as a Services (SOCaaS). We also help large companies build their own Security Operations Centers.

          /teamext Cybersecurity Team Extension Services and Continuous security by Remote CISO
Ensure your continuous security using a subscription to our Remote CISO and Cybersecurity Team Extension Services. Add our certified security specialists, security officers, and data protection officers to your team for short or long projects. We can work for you or your customers on your behalf. You are welcome to use our flexible team extension services!

          /training Application Security Training and Consulting Services
The application security training and consulting service is delivered in the form of workshops, lectures, tests and consultations for managers and team leads, software architects and analysts, software developers, and software testers.

          /website-SOC Continuous Protection of Websites
Website Protection, Monitoring, and Incident Response services are delivered by our Security Operations Center (SOC). Initial security hardening employs state of the art security solutions and methods for your website. Subsequent round-clock security monitoring is a proper complement to the initial hardening and one-time security assessment and penetration testing, because their effect for your security becomes out-of-date quickly, unlike constant monitoring.

     /appsec Application Security: Security DevOps, Secure Software Development Lifecycle, Training and Consulting Services
Would you like to improve the security of your software products, build secure software development processes and manage security during the whole software life cycle? Our expertise both in software development and in information security serves as a solid ground for delivering professional Secure Software Development Lifecycle (Secure SDLC) consulting services.

     /devs Software Engineering and DevOps Services
Our software development team performs security development and other software development tasks for our customers.

     /industrial Industrial IT/OT Security and SCADA Security Services
Security assessment of industrial IT and OT infrastructure. Security assessment of SCADA systems. Security hardening of industrial IT and OT systems. Disaster recovery and Business Continuity Management at industrial enterprises. Personnel education at industrial enterprises.

     /forensic Cybersecurity Incident Response and Information Security Forensic Investigation services
Our experts help mitigate and cease cyber attacks and other computer incidents, restore data and normal operations. Specialists of H-X Technologies take into account your business goals to choose the right incident response strategy and give corresponding priorities to your data integrity or confidentiality, your business continuity, identification of the attackers or their prosecution. We provide detailed forensic examination and analysis of computers, hard drives, mobile devices, and digital media. We know how to investigate difficult cases and employ cutting-edge techniques such as analysis of Random-Access Memory (RAM), registry, shadow volumes, timeline analysis, and other methods.

/news Our news
News about our services and other events.

     /incidents Cybersecurity incidents, threats, and industry news
News about cyber attacks, breaches, threats, vulnerabilities, exposures, other cyber incidents, and other security industry events.

     /partnership Partnership with H-X Technologies
Earn with us while selling penetration tests and other cybersecurity services!

     /career We are hiring!
We are looking for experienced cybersecurity practitioners: penetration testers, analysts, compliance managers, etc.

/contact Contact us!
Contact us about your needs on security services, partnership or other questions or suggestions.

/faq FAQ (Frequently Asked Questions)
What is behind penetration testing, why it is important and how to persuade people.

/policy Privacy and Confidentiality Policy
How we value your privacy and confidentiality.

/map Map of this website
List of web pages of this site.




Follow us on the social networks:


Who we are, what we do and what we offer.

About penetration tests.


Our certificates:

(ISC)2
CISSP
Offensive Security
OSCP
ISACA
CISA
CISM
Microsoft
PECB
LPTP
Qualys
PECB
LPTP
BSI
LPTP
BSI