This is a dictionary of companies or verified experts offering cybersecurity services, data, or other tangible assets to assist in Ukraine's defense of its independence. Secondarily, this may also have resources for other entities in responding to the increasing threat of Russia beyond its own borders.
This repository is CC BY-NC-SA 4.0 licensed. Please keep in mind what rights are being retained by the companies and individuals volunteering here if you plan to adapt, remix, or redistribute this work using the rights granted to you. More information is available in issue #22, CC BY-NC-SA, Personal Privacy, and You.
Source of information: https://twitter.com/Andrew___Morris/status/1496923545712091139
Services being offered: Threat Intelligence
Who is eligible: All people can access GreyNoise's list of IPs performing recon against Ukrainian IPs. Ukrainians & NATO members can access additional services through GreyNoise.
How are the services accessed: Ukrainians & NATO members can access enhanced services by signing up for GreyNoise where they will be automatically upgraded on signup, and existing accounts have been upgraded.
Source of information: Kontinuum reached out to r/cybersecurity via Reddit and GitHub
Services being offered: Free Security assessments and free remediation if in our skill set, 30 days free NGAV with SOC monitoring/threat Intel for workstations, servers, mobile devices, real time IP address scanning an blocking of traffic on firewalls. The 30 days can be extended as needed per conditions in Ukraine and heightened alert levels.
Who is eligible: freelance journalists, Ukranians, anyone helping the Ukrainian effort or any company stateside.
How are the services accessed: please send an email to info@kontinuum.com and we will get in touch with you to help where and how we can.
Source of information: Minerva Labs reached out ro r/cybersecurity via Reddit and GitHub
Who is eligible: Ukrainian organizations
Services being offered: Endpoint Security for Windows systems (including legacy systems) - Free of charge for 6 months. Unlimited endpoints
How are the services accessed: They need to sign up with this form and Minerva will contact them and set them up with an account and help them get started
Source of information: https://twitter.com/milad_aslaner/status/1498706393511211009
Services being offered: SentinelOne Singularity platform (endpoint protection) and Managed Detection & Response service free for 90 days
Who is eligible: Ukraine
How are the services accessed: Request access via https://www.sentinelone.com/lp/ukraine-response/
Source of information: https://silentbreach.com/News/silent-breach-offers-ukrainian-orgs-free-cybersecurity-tools/
Services being offered: Quantum Armor, Silent Breach's Attack Surface management platform, including cloud security and threat intelligence
Who is eligible: All Ukrainian orgs.
How are the services accessed: A free version can be accessed directly via qarmor.io but for full permissions (which is free for all Ukrainian orgs) potential clients will need to contact an account manager to get set up and trained in. This can be done within 72 hours of initial contact.
Source of information: https://www.mindwise.io/ukraine-cybersecurity-aid
Services being offered: Account Takeover Detection, Data Breach Detection, Threat Intelligence
Who is eligible: Ukrainian organizations such as businesses, corporations, or governments
How are the services accessed: email ukraine@mindwise.io or schedule a meeting through the above link
Source of information: https://www.linkedin.com/feed/update/urn:li:activity:6907696903765770240
Services being offered: Network Firewall and Cybersecurity Defensive Services (12 months)
Who is eligible: Ukranians companies
How are the services accessed: Visit https://www.netdeep.com.br/firewall/
Source of information: This GitHub
Services being offered: eBGP Network peering to filter Malicious IP space, Botnets, Tornodes, etc. actively targeting Ukrainian resources, on BGP capable network devices
Who is eligible: Entities in need in Ukraine
How are the services accessed: Network Engineers / IT Technicians need to contact ukraine@opticnetworks.net in order to setup eBGP peering sessions between their network devices and my eBGP network peer.
Source of information: https://macpaw.com/news/data-protector-spy-buster
Services being offered: Free software application, uses static analysis to identify potentially unwanted Russian and Belorussian software, dynamic analysis to monitor outgoing traffic to detect and block unwanted connections to Russian servers.
Who is eligible: All.
How are the services accessed: https://research.macpaw.com/spy-buster/
Source of information: https://cybelangel.com/blog/message-on-ukraine/
Services being offered: Cybelangel offers 24/7 monitoring services to detect cyber exposure of critical assets at no charge
Who is eligible:
- Ukrainian private companies who wish to asses their digital exposure in Ukraine
- NGOs active in the war who wish to minimize the risks of their missions being interrupted by cyber attacks
How are the services accessed: Please first contact standing-together@cybelangel.com, afterwards, access will be granted to CybelAngel's SaaS platform
Source of information: https://hyperproof.io/cyber-defense-solution/
Services being offered: Hyperproof's compliance operations software (sold typically as an annual subscription) is available for free to all eligible companies for one full year. The software includes a risk register, capabilities for assessing and managing security controls, documenting issues and remediation plans, and automated alerting and monitoring capability for risks and security controls.
Who is eligible: All western companies in the United States and in the European Union which are classified as critical infrastructure sectors. For US companies, we use the definition from CISA. According to CISA, there are 16 critical sectors “whose assets, systems, and networks, whether physical or virtual are considered so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health, or any combination thereof.” For EU companies, we use the definition from Council Directive 2008/114/EC.
How are the services accessed: Request access at https://hyperproof.io/cyber-defense-solution/ A rep from Hyperproof will be in touch with the person who made the request, have a quick call to confirm key details including eligibility, and then provision the software to any eligible organization.
Source of information: https://www.vectra.ai/forms/complimentary-security-tools-services-in-response-to-the-conflict-in-ukraine
Services being offered: Threat detection and response in hybrid and multi-cloud enterprises:
- Scan Microsoft Azure AD and M365 environments for signs of attack activities
- Monitor AWS infrastructure for signs of active attacks, in addition to provision of detection and response for both the network and control plane of AWS accounts
- Surveil network infrastructure both on-premises and in the cloud for signs of attack, including deployment of Vectra sensors that are purpose-built to detect malicious behavior
- Support the retention of historical metadata to aid incident response investigations based on indicators of compromise (IOCs) for specific attack variants.
Who is eligible: any organizations who believe they may be targeted as a result of the current conflict
How are the services accessed: Fill out this form to access the Complimentary Security Tools & Services
Source of information: GitHub issue
Services being offered: Incident Response services
Who is eligible: EU-based NATO members, Ukranians, journalists, other
How are the services accessed: by email form or phone call listed on hypasec.com
Source of information: https://twitter.com/_IntelligenceX/status/1497671064054288384
Services being offered: Full access to OSINT platform
Who is eligible: Ukrainian government
How are the services obtained: Sign up with an email address ending in gov.ua and you will be automatically upgraded
Source of information: #11
Services offered: Threat Intelligence and Mitigation
Who is eligible: all
How are the services accessed: email jcoverstone@gmail.com
Source of information: https://twitter.com/FlokiNETehf/status/1496968251615686657
Services being offered: web infrastructure, DDoS protection.
Who is eligible: Ukrainian journalists & news agencies.
How are the services accessed: Email info@flokinet.is
Source of information: https://www.linkedin.com/feed/update/urn:li:activity:6903059206522712064/
Services being offered: Free 6 months DNS Firewall service subscription
Who is eligible: Ukraine-based companies and government entities
How are the services accessed: Complete the DNS Firewall evaluation form and put "Ukraine based" in the comments. Then, follow the instructions to set up an evaluation call with Malware Patrol to discuss the set-up for your security environment. https://www.malwarepatrol.net/dns-firewall-evaluation-request/?source=ukraine
Source of information: https://www.linkedin.com/posts/michaelthiessmeier_ukraine-cybersecurity-alliedcyberpartners-activity-6899690456368709632-DDI2
Services being offered: Personal Security & Cybersecurity consulting (individuals and organizations )
Who is eligible: Ukrainians and Ukrainian Organizations
How are the services accessed: Contact directly on LinkedIn or by emailing ukraine@alliedcyberpartners.com
Source of information: https://twitter.com/sa0un/status/1497299556022857730
Services being offered: DDoS mitigation, secure web hosting
Who is eligible: people/organizations in Ukraine
How are the services accessed: DM @sa0un
Source of information: https://www.linkedin.com/feed/update/urn:li:activity:6902750306459820032/
Services being offered: Threat Intelligence
Who is eligible: Any organization in the Ukraine.
How are the services accessed: Email ukraine@prevailion.zendesk.com for free access to Prevailion's APEX platform.
Source of information: https://twitter.com/GelosSnake/status/1497683065799262211
Services being offered: Incident Response, defensive activities
Who is eligible: Unclear
How are the services accessed: Contact @GelosSnake (?)
Source of information: https://twitter.com/tcpdirect/status/1497017919917678593
Services being offered: Hosting and VPNs
Who is eligible: Unclear
How are the services accessed: DM @tcpdirect, or email support@akamai.services, or use #tcpdirect on ircdchat
Source of information: https://twitter.com/cahlberg/status/1496874932273389569
Services being offered: Threat Intelligence
Who is eligible: Unknown (Ukraine?)
How are the services accessed: Unknown
Source of information: https://twitter.com/RobertMLee/status/1496862093588455429
Services being offered: Dragos Platform, managed ICS cybersecurity services, Incident Response.
Who is eligible: Small co-op/municipal utilities in US, UK, Australia, New Zealand
How are the services accessed: Contact staff (https://www.linkedin.com/in/robmichaellee)
Source of information: https://www.bitdefender.com/ukraine.html
Products in scope: Consumer and business solutions
Who is eligible: Consumer - Ukraine citizens (free, for as long as needed); Business - Unkraine businesses or public entities (free, for as long as needed); EU & NATO based businesses and public entities (free for 1 year to replace vendor who has technical or geopolitical trust concerns)
Obtaining subscription: complete and submit website form (see link above)
Chris Culling (@chrisculling)
is also compiling a spreadsheet titled Free Cyber & Humanitarian Services for Ukraine, which has some additional content for businesses needing cybersecurity services, but also has content for individuals needing many essential security/communications resources (free texts/calls/connectivity, VPN accounts for journalists, antimalware, etc.).
As his list is exceptionally high quality and extends the services/options available to those in need, we are linking to it instead of duplicating his excellent work: https://docs.google.com/spreadsheets/d/18WYY9p1_DLwB6dnXoiiOAoWYD8X0voXtoDl_ZQzjzUQ/
To make this most effective, this repository will only take entities which are making tangible commitments to Ukraine or other countries in need. No thoughts & prayers are allowed on this list. Further, entities that provide easy to access services will be placed near the top of their section, and those making a specific commitment to provide services to Ukraine but not detailing how Ukrainians could access those services will be placed near the bottom of their section.
To add a resource you've found - either a company or verified expert offering resources to Ukraine, create a new Issue and use the provided template to provide the requested information (such as the source of the information, the company name, what services are being provided, etc.). Moderators will validate, add your finding to the list, and close the issue manually. You will need a GitHub account for this.