Zero Trust Innovators

We offer worldwide managed cybersecurity services for organizations with complex and dynamic IT infrastructures. Our managed services are modular, scalable and cost-effective, and always based on Zero Trust.

Read more

Managed SecurityServices

Complete visibility and control with 24/7 managed IT security support

Zero Trust Readiness & Fitness

Combining policy, architecture and operation. Continuously guarding the quality and effectiveness of your security measures.

Security Orchestration, Automation and Response Platform

The automated platform for the (Managed) Security Operations Center.

Cloud SecurityServices

Data segmentation and protection for public and private cloud environments.

Cybersecurity webinars

Every month we organize webinars on different cybersecurity topics.
Below you will find a selection of the current offerings.

Several National Cyber Security Centers (NCSCs) advise or require government and vital organizations to implement a Zero Trust strategy. This webinar therefore focuses on the implementation of Zero Trust from a ‘top down approach’.

More information
Zero Trust Strategy & Operation webinar

How do you bridge the gap between strategy and operations? In this webinar, our Lead Architect and CISO discuss the noticeable shift from an operational approach to Zero Trust to the strategic level at which CISOs and CIOs operate.

More information
Automated Pentesting met Pentera webinar

Pentesting is often seen as a necessary evil for audits. It is also a challenge to get the right pentesters in house. But the quality of the pentest then depends on personal skills. In this webinar we will show you how automated pentesting offers a solution for this.

More information
Webinar: Zero Trust & Cloud

How do you make sure your Zero Trust security policy and measures are also effective in the cloud environment(s)? How do you set this up? How do you validate this continuously? During this Deep Dive we will take a closer look at Zero Trust implementation in a cloud environment.

More information

Cybersecurity news

News, articles and opinions on cybersecurity

Log4j: Frequently Asked Questions

The Log4j vulnerability that was discovered on Thursday, December 9th, is still a pressing issue for many companies. Since its discovery, we’ve received many questions from customers, most of which we have gathered on this FAQ page. If you have any questions regarding the Log4j vulnerability, you can find the answer to many of them here. This page will be continuously updated as we monitor the development of this situation.

Log4j: Still a code red for the ON2IT CIRT

On Thursday, December 9th a serious vulnerability was discovered in the much-used Apache Log4j Java logging library (Log4j). Through this vulnerability, an unauthenticated, unauthorized RCE (Remote Code Execution) is made possible, which can be used to take over a server. A patch was quickly made available, but executing said patch is proving to be a more complex activity. 

Using more security products won’t solve your cyber security problem

Have you ever run into this scenario: there is a yearly audit on the security posture of the organization and this requires certain measures to be in place. However, everyone within the security department knows that that one specific measure (let’s name it checkbox alpha) is not actually in place.

Don’t just cry wolf – Avoid alarm fatigue, use continuous validation

A one-off vulnerability assessment or automated penetration test may serve to raise awareness to gain focus. Still, it also bears a risk of fatigue in that it usually raises a seemingly insurmountably large heap of issues. If you're seeking to take control of and improve an existing situation, don't look once.