Skip to content

List of companies or individuals offering cybersecurity services, data, or other tangible assets to assist in Ukraine's defense of its independence.

License

Notifications You must be signed in to change notification settings

r-cybersecurity/list-of-security-resources-for-ukraine

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
 
 
 
 
 
 

Repository files navigation

List of Cybersecurity Resources for Ukraine

This is a dictionary of companies or verified experts offering cybersecurity services, data, or other tangible assets to assist in Ukraine's defense of its independence. Secondarily, this may also have resources for other entities in responding to the increasing threat of Russia beyond its own borders.

This repository is CC BY-NC-SA 4.0 licensed. Please keep in mind what rights are being retained by the companies and individuals volunteering here if you plan to adapt, remix, or redistribute this work using the rights granted to you. More information is available in issue #22, CC BY-NC-SA, Personal Privacy, and You.

Resources for Companies/Governments (Ukraine and EU)

GreyNoise

Source of information: https://twitter.com/Andrew___Morris/status/1496923545712091139

Services being offered: Threat Intelligence

Who is eligible: All people can access GreyNoise's list of IPs performing recon against Ukrainian IPs. Ukrainians & NATO members can access additional services through GreyNoise.

How are the services accessed: Ukrainians & NATO members can access enhanced services by signing up for GreyNoise where they will be automatically upgraded on signup, and existing accounts have been upgraded.

Kontinuum

Source of information: Kontinuum reached out to r/cybersecurity via Reddit and GitHub

Services being offered: Free Security assessments and free remediation if in our skill set, 30 days free NGAV with SOC monitoring/threat Intel for workstations, servers, mobile devices, real time IP address scanning an blocking of traffic on firewalls. The 30 days can be extended as needed per conditions in Ukraine and heightened alert levels.

Who is eligible: freelance journalists, Ukranians, anyone helping the Ukrainian effort or any company stateside.

How are the services accessed: please send an email to [email protected] and we will get in touch with you to help where and how we can.

Minerva Labs

Source of information: Minerva Labs reached out ro r/cybersecurity via Reddit and GitHub

Who is eligible: Ukrainian organizations

Services being offered: Endpoint Security for Windows systems (including legacy systems) - Free of charge for 6 months. Unlimited endpoints

How are the services accessed: They need to sign up with this form and Minerva will contact them and set them up with an account and help them get started

SentinelOne

Source of information: https://twitter.com/milad_aslaner/status/1498706393511211009

Services being offered: SentinelOne Singularity platform (endpoint protection) and Managed Detection & Response service free for 90 days

Who is eligible: Ukraine

How are the services accessed: Request access via https://www.sentinelone.com/lp/ukraine-response/

Silent Breach

Source of information: https://silentbreach.com/News/silent-breach-offers-ukrainian-orgs-free-cybersecurity-tools/

Services being offered: Quantum Armor, Silent Breach's Attack Surface management platform, including cloud security and threat intelligence

Who is eligible: All Ukrainian orgs.

How are the services accessed: A free version can be accessed directly via qarmor.io but for full permissions (which is free for all Ukrainian orgs) potential clients will need to contact an account manager to get set up and trained in. This can be done within 72 hours of initial contact.

MindWise

Source of information: https://www.mindwise.io/ukraine-cybersecurity-aid

Services being offered: Account Takeover Detection, Data Breach Detection, Threat Intelligence

Who is eligible: Ukrainian organizations such as businesses, corporations, or governments

How are the services accessed: email [email protected] or schedule a meeting through the above link

NETDEEP

Source of information: https://www.linkedin.com/feed/update/urn:li:activity:6907696903765770240

Services being offered: Network Firewall and Cybersecurity Defensive Services (12 months)

Who is eligible: Ukranians companies

How are the services accessed: Visit https://www.netdeep.com.br/firewall/

Private Individual

Source of information: This GitHub

Services being offered: eBGP Network peering to filter Malicious IP space, Botnets, Tornodes, etc. actively targeting Ukrainian resources, on BGP capable network devices

Who is eligible: Entities in need in Ukraine

How are the services accessed: Network Engineers / IT Technicians need to contact [email protected] in order to setup eBGP peering sessions between their network devices and my eBGP network peer.

MacPaw

Source of information: https://macpaw.com/news/data-protector-spy-buster

Services being offered: Free software application, uses static analysis to identify potentially unwanted Russian and Belorussian software, dynamic analysis to monitor outgoing traffic to detect and block unwanted connections to Russian servers.

Who is eligible: All.

How are the services accessed: https://research.macpaw.com/spy-buster/

CybelAngel

Source of information: https://cybelangel.com/blog/message-on-ukraine/

Services being offered: Cybelangel offers 24/7 monitoring services to detect cyber exposure of critical assets at no charge

Who is eligible:

  • Ukrainian private companies who wish to asses their digital exposure in Ukraine
  • NGOs active in the war who wish to minimize the risks of their missions being interrupted by cyber attacks

How are the services accessed: Please first contact [email protected], afterwards, access will be granted to CybelAngel's SaaS platform

Hyperproof

Source of information: https://hyperproof.io/cyber-defense-solution/

Services being offered: Hyperproof's compliance operations software (sold typically as an annual subscription) is available for free to all eligible companies for one full year. The software includes a risk register, capabilities for assessing and managing security controls, documenting issues and remediation plans, and automated alerting and monitoring capability for risks and security controls.

Who is eligible: All western companies in the United States and in the European Union which are classified as critical infrastructure sectors. For US companies, we use the definition from CISA. According to CISA, there are 16 critical sectors “whose assets, systems, and networks, whether physical or virtual are considered so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health, or any combination thereof.” For EU companies, we use the definition from Council Directive 2008/114/EC.

How are the services accessed: Request access at https://hyperproof.io/cyber-defense-solution/ A rep from Hyperproof will be in touch with the person who made the request, have a quick call to confirm key details including eligibility, and then provision the software to any eligible organization.

Vectra AI

Source of information: https://www.vectra.ai/forms/complimentary-security-tools-services-in-response-to-the-conflict-in-ukraine

Services being offered: Threat detection and response in hybrid and multi-cloud enterprises:

  • Scan Microsoft Azure AD and M365 environments for signs of attack activities
  • Monitor AWS infrastructure for signs of active attacks, in addition to provision of detection and response for both the network and control plane of AWS accounts
  • Surveil network infrastructure both on-premises and in the cloud for signs of attack, including deployment of Vectra sensors that are purpose-built to detect malicious behavior
  • Support the retention of historical metadata to aid incident response investigations based on indicators of compromise (IOCs) for specific attack variants.

Who is eligible: any organizations who believe they may be targeted as a result of the current conflict

How are the services accessed: Fill out this form to access the Complimentary Security Tools & Services

Hypasec (Chris Kubecka)

Source of information: GitHub issue

Services being offered: Incident Response services

Who is eligible: EU-based NATO members, Ukranians, journalists, other

How are the services accessed: by email form or phone call listed on hypasec.com

Intelligence X

Source of information: https://twitter.com/_IntelligenceX/status/1497671064054288384

Services being offered: Full access to OSINT platform

Who is eligible: Ukrainian government

How are the services obtained: Sign up with an email address ending in gov.ua and you will be automatically upgraded

Private Individual (Phaedrus)

Source of information: #11

Services offered: Threat Intelligence and Mitigation

Who is eligible: all

How are the services accessed: email [email protected]

FlokiNET

Source of information: https://twitter.com/FlokiNETehf/status/1496968251615686657

Services being offered: web infrastructure, DDoS protection.

Who is eligible: Ukrainian journalists & news agencies.

How are the services accessed: Email [email protected]

Malware Patrol

Source of information: https://www.linkedin.com/feed/update/urn:li:activity:6903059206522712064/

Services being offered: Free 6 months DNS Firewall service subscription

Who is eligible: Ukraine-based companies and government entities

How are the services accessed: Complete the DNS Firewall evaluation form and put "Ukraine based" in the comments. Then, follow the instructions to set up an evaluation call with Malware Patrol to discuss the set-up for your security environment. https://www.malwarepatrol.net/dns-firewall-evaluation-request/?source=ukraine

Michael Thiessmeier (Expert), Allied Cyberpartners (company)

Source of information: https://www.linkedin.com/posts/michaelthiessmeier_ukraine-cybersecurity-alliedcyberpartners-activity-6899690456368709632-DDI2

Services being offered: Personal Security & Cybersecurity consulting (individuals and organizations )

Who is eligible: Ukrainians and Ukrainian Organizations

How are the services accessed: Contact directly on LinkedIn or by emailing [email protected]

Open Technology Fund

Source of information: https://twitter.com/sa0un/status/1497299556022857730

Services being offered: DDoS mitigation, secure web hosting

Who is eligible: people/organizations in Ukraine

How are the services accessed: DM @sa0un

Prevailion

Source of information: https://www.linkedin.com/feed/update/urn:li:activity:6902750306459820032/

Services being offered: Threat Intelligence

Who is eligible: Any organization in the Ukraine.

How are the services accessed: Email [email protected] for free access to Prevailion's APEX platform.

Profero

Source of information: https://twitter.com/GelosSnake/status/1497683065799262211

Services being offered: Incident Response, defensive activities

Who is eligible: Unclear

How are the services accessed: Contact @GelosSnake (?)

TCP Direct

Source of information: https://twitter.com/tcpdirect/status/1497017919917678593

Services being offered: Hosting and VPNs

Who is eligible: Unclear

How are the services accessed: DM @tcpdirect, or email [email protected], or use #tcpdirect on ircdchat

Recorded Future

Source of information: https://twitter.com/cahlberg/status/1496874932273389569

Services being offered: Threat Intelligence

Who is eligible: Unknown (Ukraine?)

How are the services accessed: Unknown

Dragos

Source of information: https://twitter.com/RobertMLee/status/1496862093588455429

Services being offered: Dragos Platform, managed ICS cybersecurity services, Incident Response.

Who is eligible: Small co-op/municipal utilities in US, UK, Australia, New Zealand

How are the services accessed: Contact staff (https://www.linkedin.com/in/robmichaellee)

Bitdefender

Source of information: https://www.bitdefender.com/ukraine.html

Products in scope: Consumer and business solutions

Who is eligible: Consumer - Ukraine citizens (free, for as long as needed); Business - Unkraine businesses or public entities (free, for as long as needed); EU & NATO based businesses and public entities (free for 1 year to replace vendor who has technical or geopolitical trust concerns)

Obtaining subscription: complete and submit website form (see link above)

Additional Resources

Chris Culling (@chrisculling)

is also compiling a spreadsheet titled Free Cyber & Humanitarian Services for Ukraine, which has some additional content for businesses needing cybersecurity services, but also has content for individuals needing many essential security/communications resources (free texts/calls/connectivity, VPN accounts for journalists, antimalware, etc.).

As his list is exceptionally high quality and extends the services/options available to those in need, we are linking to it instead of duplicating his excellent work: https://docs.google.com/spreadsheets/d/18WYY9p1_DLwB6dnXoiiOAoWYD8X0voXtoDl_ZQzjzUQ/

Notes

To make this most effective, this repository will only take entities which are making tangible commitments to Ukraine or other countries in need. No thoughts & prayers are allowed on this list. Further, entities that provide easy to access services will be placed near the top of their section, and those making a specific commitment to provide services to Ukraine but not detailing how Ukrainians could access those services will be placed near the bottom of their section.

Contributing

To add a resource you've found - either a company or verified expert offering resources to Ukraine, create a new Issue and use the provided template to provide the requested information (such as the source of the information, the company name, what services are being provided, etc.). Moderators will validate, add your finding to the list, and close the issue manually. You will need a GitHub account for this.

About

List of companies or individuals offering cybersecurity services, data, or other tangible assets to assist in Ukraine's defense of its independence.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •