Visit website

Application Security & Penetration Testing

Berezha Security Group is a cybersecurity consulting firm specializing in all aspects of application security, infrastructure and social engineering penetration testing, cybersecurity consulting, and professional training.

Since its founding in 2014, Berezha has delivered over 120 projects for more than 80 clients worldwide. We have customers in all major business sectors, including IT services, software products, banking, fintech, retail, healthcare, media, gaming, consulting services, legal and advisory, and more.

Certifications/Compliance

ISO 27001
ISO 9001:2015
UkraineUkraine
6 Nimanska St., 41, 01103
+380 (44) 364 7336
$50 - $99/hr
10 - 49
2014

Service Focus

Focus of Testing Services
  • Application Security Testing - 100%
Focus of IT Services
  • Cyber Security - 100%

Industry Focus

  • Information Technology - 25%
  • Financial & Payments - 10%
  • Banking - 10%
  • Business Services - 7%
  • Healthcare & Medical - 5%
  • Productivity - 5%
  • Other - 38%

Client Focus

70% Small Business
25% Midmarket Business
5% Enterprise

Review Analytics of Berezha Security Group (BSG)

3
Total Reviews
5.0/5
Overall Rating
0
Recent Reviews

What Users Say

Security assessment
Dmytro Vdovychynskyi
Dmytro Vdovychynskyi
Network and social engineering
Vitalii Savisko
Vitalii Savisko
Penetration testing project
Xattab X
Xattab X

Detailed Reviews of Berezha Security Group (BSG)

5.03 Reviews
Write a Review
Dmytro Vdovychynskyi
Dmytro Vdovychynskyi
Posted on Aug 5, 2021

Security assessment

It's been a second time when we decide to make an application and infrastructure Security Assessment together with BSG and I've been pleased to work with them. They are result-oriented professionals, committed, and on time.

What service was provided as part of the project?

Testing Services, IT Services

Rating Breakdown

  • Quality
  • Schedule & Timing
  • Communication
  • Overall Rating

Project Detail

  • $10001 to $50000
Vitalii Savisko
Vitalii Savisko
Posted on Jul 1, 2021

Network and social engineering

This year Berezha Security helped us to perform Network and social engineering penetration testing and additionally application pen. testing.
We appreciate professional communications, cybersecurity, and engineering skills, along with their efforts within these projects. Detailed reports contain easy to understand thread model, evidence, and all the necessary recommendations about how to fix findings. They also provide free re-test in 60 days.

What service was provided as part of the project?

IT Services, Engineering Services

Rating Breakdown

  • Quality
  • Schedule & Timing
  • Communication
  • Overall Rating
Xattab X
Xattab X
Posted on May 19, 2021

Penetration testing project

Magnificent - professional work & team.
An excellent approach to the project.
Good communication with the project development team. Quick understanding of the essence of the application and its potential vulnerabilities.
An excellent approach for conducting threat modeling for an application in conjunction with the development team.
An informative report as well as real recommendations for mitigation the vulnerabilities found.
I recommend this company to any business looking for cybersecurity consulting.

What service was provided as part of the project?

IT Services

Rating Breakdown

  • Quality
  • Schedule & Timing
  • Communication
  • Overall Rating

Client Portfolio of Berezha Security Group (BSG)

Project Industry

  • Productivity - 100%

Major Industry Focus

Productivity

Project Cost

  • $0 to $10000 - 100%

Common Project Cost

$0 to $10000

Project Timeline

  • 1 to 25 Weeks - 100%

Project Timeline

1 to 25 Weeks

Portfolios: 1

Web Application Security Assessment for a SaaS Product

Executive Interview of Berezha Security Group (BSG)

Vlad Styran
Vlad Styran
Co-Founder & CEO
Visit Profile
Please introduce your company and give a brief about your role within the organization.
Berezha Security Group is a cybersecurity firm focused on application security, penetration testing, information security consulting, and professional training. Since our founding in 2014, we completed over 200 projects for over 100 clients. We have finished 2021 with a 20% growth in revenue, staff, and projects pipeline.
I am a co-founder and act as CEO since May 2021. At BSG I am responsible for our growth and customer success.
What is the story behind starting this company?
BSG started up in 2014 as a cyber security testing company with the goal to become one of the best cyber security firms. Now we provide top-quality cyber security consulting services to clients in all major verticals. However, due to our strong positions in application security and penetration testing, over 70% of our clients are IT Product startups and IT Services firms, mainly focused on software engineering.
What are your company’s business model–in house team or third party vendors/ outsourcing?
We are mainly a cyber security consulting practice, with a focus on software security and everything around it. We source our projects by permanent staff, with 2-3 exceptions per year, when the nature of the engagement requires external expertise, such as a deep understanding of AI, formal approach to cryptographic review, experience with certain hardware, etc.
How does your company differentiate itself from the competition?
We provide premium services for affordable rates because of our unique approach to cybersecurity assessments. We eliminate dull routines from our job using our own in-house developed collaboration platform. We call it DARTS: Dynamic Application Red-Teaming Solution, and it solves two of the worst productivity issues in this profession. First, our consultants and pentesters do not waste their time writing reports. Second, our customers can have interactive online access to project progress and deliverables.
Please share some of the services that you offer for which clients approach you the most for?
Application Security assessments    76%.
Penetration Testing services        10%.
Cybersecurity consulting        9%.
Professional training            5%.
What is your customer satisfaction rate according to you? What steps do you take to cater to your customer’s needs and requirements?
We have a 5/5 stars rating as well as maintain our references and a similar rating on Goodfirms. Our exit interviews demonstrate similar figures.
What kind of support system do you offer to your clients for catering to their queries and issues?
We have a dedicated PMO that manages all customer communications throughout a project. We also onboard our permanent clients to our pentesting platform, where we can collaborate on our findings much more quickly and reliably than via document exchange. It is called DARTS, and it is basically Google Docs + Jira for hackers and defenders.
What kind of payment structure do you follow to bill your clients? Is it Pay per Feature, Fixed Cost, Pay per Milestone (could be in phases, months, versions etc.)
Our projects are mainly Fixed Costs, with a 50/50 split in advance and post-payment. In a few permanent engagements where bill monthly.
Do you take in projects which meet your basic budget requirement? If yes, what is the minimum requirement? If no, on what minimum budget you have worked for?
We do not have minimum requirements, but we expect work to take at least a week, so there is a natural lower limit to our price tag. It is about 2500 USD.
What is the price range (min and max) of the projects that you catered to in 2020?
Our averages in 2020 and 2021 were 7600 and 7300 USD respectively. Min and max were about 2500 and 50000 each year, based on the size and complexity of the project scope.
Where do you see your company in the next 10 years?
10 years is way beyond our planning horizon: 10 years ago we did not exist. In 5 years we are aiming to become a team of at least 50 consultants with an overall staff of about 75 people. We are planning to increase our marketing effort and increase our InfoSec and cybersecurity consulting capacity. We also hope to scale up our DARTS platform and make it a software product others could benefit from as we do now.