Write a Review
Verified Profile
Berezha Security Group is a cybersecurity consulting firm specializing in all aspects of application security, infrastructure and social engineering penetration testing, cybersecurity consulting, and professional training.
Since its founding in 2014, Berezha has delivered over 120 projects for more than 80 clients worldwide. We have customers in all major business sectors, including IT services, software products, banking, fintech, retail, healthcare, media, gaming, consulting services, legal and advisory, and more.
Locations
Ukraine
6 Nimanska St., 41,
Kyiv,
kyiv
01103
+380 (44) 364 7336
Focus Areas
Service Focus
- IT Services
- Testing Services
Client Focus
- Small Business
- Large Business
- Medium Business
Industry Focus
- Information Technology
- Banking
- Financial & Payments
Berezha Security Group (BSG) Executive Interview
Vlad Styran
Co-Founder & CEO
Please introduce your company and give a brief about your role within the organization.
Berezha Security Group is a cybersecurity firm focused on application security, penetration testing, information security consulting, and professional training. Since our founding in 2014, we completed over 200 projects for over 100 clients. We have finished 2021 with a 20% growth in revenue, staff, and projects pipeline.
I am a co-founder and act as CEO since May 2021. At BSG I am responsible for our growth and customer success.
I am a co-founder and act as CEO since May 2021. At BSG I am responsible for our growth and customer success.
What is the story behind starting this company?
BSG started up in 2014 as a cyber security testing company with the goal to become one of the best cyber security firms. Now we provide top-quality cyber security consulting services to clients in all major verticals. However, due to our strong positions in application security and penetration testing, over 70% of our clients are IT Product startups and IT Services firms, mainly focused on software engineering.
What are your company’s business model–in house team or third party vendors/ outsourcing?
We are mainly a cyber security consulting practice, with a focus on software security and everything around it. We source our projects by permanent staff, with 2-3 exceptions per year, when the nature of the engagement requires external expertise, such as a deep understanding of AI, formal approach to cryptographic review, experience with certain hardware, etc.
How does your company differentiate itself from the competition?
We provide premium services for affordable rates because of our unique approach to cybersecurity assessments. We eliminate dull routines from our job using our own in-house developed collaboration platform. We call it DARTS: Dynamic Application Red-Teaming Solution, and it solves two of the worst productivity issues in this profession. First, our consultants and pentesters do not waste their time writing reports. Second, our customers can have interactive online access to project progress and deliverables.
Please share some of the services that you offer for which clients approach you the most for?
Application Security assessments 76%.
Penetration Testing services 10%.
Cybersecurity consulting 9%.
Professional training 5%.
Penetration Testing services 10%.
Cybersecurity consulting 9%.
Professional training 5%.
What is your customer satisfaction rate according to you? What steps do you take to cater to your customer’s needs and requirements?
We have a 5/5 stars rating as well as maintain our references and a similar rating on GoodFirms. Our exit interviews demonstrate similar figures.
What kind of support system do you offer to your clients for catering to their queries and issues?
We have a dedicated PMO that manages all customer communications throughout a project. We also onboard our permanent clients to our pentesting platform, where we can collaborate on our findings much more quickly and reliably than via document exchange. It is called DARTS, and it is basically Google Docs + Jira for hackers and defenders.
What kind of payment structure do you follow to bill your clients? Is it Pay per Feature, Fixed Cost, Pay per Milestone (could be in phases, months, versions etc.)
Our projects are mainly Fixed Costs, with a 50/50 split in advance and post-payment. In a few permanent engagements where bill monthly.
Do you take in projects which meet your basic budget requirement? If yes, what is the minimum requirement? If no, on what minimum budget you have worked for?
We do not have minimum requirements, but we expect work to take at least a week, so there is a natural lower limit to our price tag. It is about 2500 USD.
What is the price range (min and max) of the projects that you catered to in 2020?
Our averages in 2020 and 2021 were 7600 and 7300 USD respectively. Min and max were about 2500 and 50000 each year, based on the size and complexity of the project scope.
Where do you see your company in the next 10 years?
10 years is way beyond our planning horizon: 10 years ago we did not exist. In 5 years we are aiming to become a team of at least 50 consultants with an overall staff of about 75 people. We are planning to increase our marketing effort and increase our InfoSec and cybersecurity consulting capacity. We also hope to scale up our DARTS platform and make it a software product others could benefit from as we do now.
Berezha Security Group (BSG) Clients & Portfolios
Berezha Security Group (BSG) Reviews
3 Reviews
- All Services
- IT Services
- Testing Services
- Relevance
- Most Recent
- Rating: high to low
- Rating: low to high
Dmytro Vdovychynskyi
Posted on Aug 05, 2021
Security assessment
Review Summary
It's been a second time when we decide to make an application and infrastructure Security Assessment together with BSG and I've been pleased to work with them. They are result-oriented professionals, committed, and on time.
Vitalii Savisko
Posted on Jul 01, 2021
Network and social engineering
Review Summary
This year Berezha Security helped us to perform Network and social engineering penetration testing and additionally application pen. testing.
We appreciate professional communications, cybersecurity, and engineering skills, along with their efforts within these projects. Detailed reports contain easy to understand thread model, evidence, and all the necessary recommendations about how to fix findings. They also provide free re-test in 60 days.
We appreciate professional communications, cybersecurity, and engineering skills, along with their efforts within these projects. Detailed reports contain easy to understand thread model, evidence, and all the necessary recommendations about how to fix findings. They also provide free re-test in 60 days.
Xattab X
Posted on May 19, 2021
Penetration testing project
Review Summary
Magnificent - professional work & team.
An excellent approach to the project.
Good communication with the project development team. Quick understanding of the essence of the application and its potential vulnerabilities.
An excellent approach for conducting threat modeling for an application in conjunction with the development team.
An informative report as well as real recommendations for mitigation the vulnerabilities found.
I recommend this company to any business looking for cybersecurity consulting.
An excellent approach to the project.
Good communication with the project development team. Quick understanding of the essence of the application and its potential vulnerabilities.
An excellent approach for conducting threat modeling for an application in conjunction with the development team.
An informative report as well as real recommendations for mitigation the vulnerabilities found.
I recommend this company to any business looking for cybersecurity consulting.
Resources
