Defense.com

Service scope

Software add-on or extension: No
Cloud deployment model: Private cloud
Service constraints: N/A
System requirements: Endpoint agent system requirements:

Windows 7 with Service Pack 1, Windows 8.1

Windows 10, Windows 11

2GB RAM

2.5GB available HDD space

MacOS Yosemite (10.10) or later, 1GB available HDD space

Supported browsers:

Safari, Mozilla Firefox, Google Chrome

User support

Email or online ticketing support: Email or online ticketing
Support response times: We endeavour to respond to all support enquiries as quickly as possible, and we have dedicated SLAs for responding to security events.
User can manage status and priority of support tickets: Yes
Online ticketing support accessibility: None or don’t know
Phone support: Yes
Phone support availability: 9 to 5 (UK time), Monday to Friday
Web chat support: Web chat
Web chat support availability: 24 hours, 7 days a week
Web chat support accessibility standard: None or don’t know
How the web chat support is accessible: Live chat and file sharing with customer support representatives.
Web chat accessibility testing: We use Intercom who are compliant with the Web Content Accessibility Guidelines 2.0 Level AA.
Onsite support: No
Support levels: We provide 24/7/365 platform support, which consists of customer support specialists, platform engineers and SOC analysts.
Support available to third parties: Yes

Onboarding and offboarding

Getting started: Our customer support team helps to onboard each customer remotely. Training is provided both through the Defense.com platform and via the customer success teams as needed. We provide a chat service to help support users as well as online help guides and other documentation.
Service documentation: Yes
Documentation formats: HTML

PDF
End-of-contract data extraction: Data is exportable via the portal or on request via our customer success team.
End-of-contract process: At the end of the service, any documentation or reports are maintained for up to 12 months before being deleted to allow customers sufficient time to export required data. Data can be stored for longer on request at an additional fee. Customers can also choose a lower package that allows the customer to maintain access to Defense.com and any report data/information supplied.

Using the service

Web browser interface: Yes
Supported browsers: Internet Explorer 11

Microsoft Edge

Firefox

Chrome

Safari
Application to install: Yes
Compatible operating systems: Linux or Unix

MacOS

Windows
Designed for use on mobile devices: No
Service interface: Yes
User support accessibility: None or don’t know
Description of service interface: Defense.com is a web interface, accessible via the internet and provides features and functionality to setup and access to security threats generated form the security tools provided as part of our services.
Accessibility standards: None or don’t know
Description of accessibility: Defense.com is a web interface, accessible via the internet and provides users with the functionality to setup and manage threats from all of the different features provided within the platform.
Accessibility testing: None currently, however our support interface is using Intercom which is WCAG 2.0 level AA compliant.
API: No
Customisation available: Yes
Description of customisation: It is possible to configure different levels of user access within the platform, plus various elements of our Vulnerability Scanning engine, Endpoint Protection agents, Phishing Simulation campaigns and SIEM deployment.

Scaling

Independence of resources: We do not provide a formal guarantee but the service is a SaaS platform based on highly-scalable infrastructure.

Analytics

Service usage metrics: Yes
Metrics types: Service metrics depend on what services are included in the package. We track report delivery SLA, service uptime, data retention, SLA on critical support tickets and security incidents and various feature-specific reports.
Reporting types: Real-time dashboards

Regular reports

Reports on request

Resellers

Supplier type: Not a reseller

Staff security

Staff security clearance: Other security clearance
Government security clearance: None

Asset protection

Knowledge of data storage and processing locations: Yes
Data storage and processing locations: United Kingdom
User control over data storage and processing locations: Yes
Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency: At least every 6 months
Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest: Physical access control, complying with another standard

Encryption of all physical media

Scale, obfuscating techniques, or data storage sharding
Data sanitisation process: Yes
Data sanitisation type: Deleted data can’t be directly accessed
Equipment disposal approach: A third-party destruction service

Data importing and exporting

Data export approach: Data can be exported via most features in the platform as a PDF, CSV or via a compressed file.
Data export formats: CSV

Other
Other data export formats: CSV

PDF
Data import formats: CSV

Other
Other data import formats: .doc

.txt

Image files

Data-in-transit protection

Data protection between buyer and supplier networks: TLS (version 1.2 or above)

IPsec or TLS VPN gateway
Data protection within supplier network: TLS (version 1.2 or above)

IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability: Defense.com will monitor all key components used in the delivery of the services 24 hours a day, 7 days a week, 365 days a year. Defense.com will provide technical staff 24x7x365 to support the services provided and to assist customers via chat. Email support will also be provided but should not be used for emergencies.

Credits shall be credited against the next Monthly Recurring Service Fees and shall be paid by Defense.com within 30 days of the customer’s valid demand. Credits apply individually for anyone independent event (or series of related events) and shall not accrue concurrently, sequentially or in aggregate as a consequence of the same event (or series of related events) across all Service levels and the highest credit will apply.

Defense.com liability in each month is limited to 100% of the Monthly Recurring Service Fees for the directly affected services in the month in which the guarantees were not met and subject to any of the exclusions set, including any scheduled maintenance or outages caused by client errors or omissions.
Approach to resilience: This is available on request, we run a highly resilient cloud service.
Outage reporting: A public dashboard and email alerts.

Identity and authentication

User authentication needed: Yes
User authentication: 2-factor authentication

Username or password
Access restrictions in management interfaces and support channels: Management access is restricted via role based access, two factor authentication and username and password combination.
Access restriction testing frequency: At least every 6 months
Management access authentication: 2-factor authentication

Username or password

Audit information for users

Access to user activity audit information: Users contact the support team to get audit information
How long user audit data is stored for: At least 12 months
Access to supplier activity audit information: Users contact the support team to get audit information
How long supplier audit data is stored for: At least 12 months
How long system logs are stored for: At least 12 months

Standards and certifications

ISO/IEC 27001 certification: Yes
Who accredited the ISO/IEC 27001: British Assessment Bureau
ISO/IEC 27001 accreditation date: 27/10/2023
What the ISO/IEC 27001 doesn’t cover: N/A
ISO 28000:2007 certification: No
CSA STAR certification: No
PCI certification: Yes
Who accredited the PCI DSS certification: One Compliance Cyber Ltd
PCI DSS accreditation date: 28/03/2024
What the PCI DSS doesn’t cover: Only our Managed SOC is certified as PCI Compliant.
Cyber essentials: No
Cyber essentials plus: No
Other security certifications: Yes
Any other security certifications: ISO 9001:2015

Security governance

Named board-level person responsible for service security: Yes
Security governance certified: Yes
Security governance standards: ISO/IEC 27001
Information security policies and processes: We operate an integrated management system (IMS) combining several management systems, (ISO27001, ISO9001, Cyber Essentials and PCI DSS) in to a single, overall comprehensive, harmonised and fully certified management system. Our IMS combines all aspects of our organisation’s security and quality systems, policies and processes into one smart system. This approach allows our organisation to streamline its management, save time and increase efficiency by addressing all elements of the management system as a whole. Our reporting structure is a tiered system, staring with Information Asset Owners (IAO) who report to departmental Information Risk Owners (IRO). The IRO’s report to the Information Security Officer (ISO) who in turn reports to the Senior Information Risk Owner (SIRO). Our policies are enforced via our Employee Handbook and all staff have a 1-2-1 session with the ISO on joining and must complete mandatory security awareness training. This is repeated on a annual basis. On-going education is communicated as and when required throughout the organisation and working/steering groups are established to ensure effectiveness of the policies.

Operational security

Configuration and change management standard: Supplier-defined controls
Configuration and change management approach: Changes are managed via the organisation's Change/Project Management Policy where a 'Plan, Do, Check, Act' model is adopted and followed. Changes are assessed for their security impact by completing the change management form and once complete, the ISO is engaged to identify potential risks and their impact. The ISO will also identify mitigating controls which may or may not be required to bring any potential risk in line with the organisation's risk tolerance.
Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach: Threats to the organisation and services have been assessed and categorised into 'Threat Sources' and 'Threat Actors', where risk assessments are frequently performed against these threats. A Risk Steering Group meets quarterly where threats are monitored. The organisation has established a process to monitor patch releases through Microsoft Intune and ensure automatic patch updates are enabled. AV patching is performed automatically and critical security vendor patches are applied within 30 days. Open and Closed source intel is gathered on a continuous basis, identifying real-time threats. CiSP, NCSC threat briefings are two sources where we gather threat intel from.
Protective monitoring type: Supplier-defined controls
Protective monitoring approach: We have a 24/7/365 SOC service delivered via our Defense.com platform. Our team of expert SOC analysts proactively monitor the service for Indicators Of Attack (IOA) and Indicators Of Compromise. We have predefined runbooks which detail how we detect and respond to incidents which the team follow. If we identify a threat our Incident Response team are engaged and the SOC works closely with them to triage and respond to the incident. We have a 30 minute SLA on detection, 3 hour incident response initial response/triage and 24 hour onsite forensic response.
Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach: Incident management is managed via our Information Security Incident Management Policy. Our Business Continuity Plan lists a predefined process for common security events. Security events are monitored and raised by our Security Operations Centre (SOC) and managed by the Incident Response Team headed by the Incident Risk Manager (IRM). Users report security events via phone or email to the SOC. Incident reports are by way of an Security Incident Summary Report which is completed by the (IRM), as is the Information Security Incident Process Improvement Plan, where any identified improvements are recorded and managed on the Management Action Plan (MAP).

Secure development

Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks: No

Social Value

Wellbeing

We offer several perks to our staff, one being a wellness programme consisting of mediation, yoga, pilates, workouts, sleep stories and wellness webinars. Another benefit is our comprehensive private medical insurance. Our healthcare covers mental health including counselling, cancer, dental, optical cover, muscular support, and a Digital GP app where GP services are available around the clock. Employees are also entitled to a gym subsidy of 50% towards memberships encouraging fitness. This is promoted with all new starters and shared across the business as part of our quarterly updates and management training. Wellbeing Wednesday is another initiative we recently launched where we arrange company webinars once per month on different wellbeing topics, including; Understanding & avoiding burnout, Nutrition 101, Work-life balance, Emotional intelligence, Building resilience, and Time management. As a business we have adopted a hybrid working model, allowing individuals and teams to work where they feel most comfortable but at the same time encouraging teams to get together in the office for team bonding and social face to face events as we recognise this is important for general mental wellbeing. We operate a cycle to work scheme aimed at giving employees tax savings in purchasing bicycles to travel to work, promoting improving health and fitness, and becoming more energised and motivated. All employees also have access to our EAP service which provides trusted support and advice through 24/7 confidential helpline, critical incident and trauma support, monthly wellbeing newsletters, and four free structured counselling sessions a year, helping our employees to work towards a solution and get back to normality as quickly as possible.

Pricing

Price: £1.50 a user
Discount for educational organisations: Yes
Free trial available: Yes
Description of free trial: 28-day free trial that allows you to identify and manage threats, track assets, monitor your attack surface and train/test your users.
Link to free trial: https://www.defense.com

Features

Benefits

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Pricing

Service documents

Cookies on Digital Marketplace

Defense.com

Features

Benefits

Pricing

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Social Value

Pricing

Service documents