Independent since 2005

Defending your future.
Today.

Security built for a world where attackers use AI. DEFION combines offensive security expertise with AI that continuously detects, validates, and challenges your defenses. You see what’s happening in minutes and act before attackers get in.

Attackers already use AI to increase the speed and scale of cyberattacks. DEFION combines offensive security expertise with AI-driven analysis to help organisations respond with the same level of visibility, validation and speed. Active Defense means threats are hunted proactively, controls are continuously tested and response starts before incidents escalate.

Speak with our experts 24/7 Incident Hotline
Real analysts online in Zoetermeer and Barcelona. Average response under 5 minutes.

DEFION in numbers

20+
Years of experience
100+
Security experts
1,000+
Organizations protected
100,000+
Endpoints monitored
Meet the team

100+ specialists.
Two offices.
One team.

Zoetermeer and Barcelona. Real people, senior expertise. No offshore support, no call-center triage. When you call DEFION, you reach the engineer who can actually help.

Independent since 2005. Still driven by the people who founded it.

Meet the team → Open roles →
The DEFION team together in the mountains during our annual offsite
DEFION engineers collaborating over shared desks
Four DEFION colleagues hanging out in a mountain cabin
Three DEFION colleagues relaxing on a couch after hours
What you get

Five disciplines.
One partner.

No juggling five vendors for five problems. One team that covers your entire security posture, from advisory to 24/7 monitoring and crisis response.

Cybersecurity Advisory
Strategic Resilience

Cybersecurity Advisory

You know exactly where your risks are and what to do about them. NIS2, DORA, ISO 27001: not paper compliance, but a clear plan that works.

Learn more →
Pentesting Services
Attack Readiness

Pentesting Services

First vulnerabilities in your application within 24 hours. No more waiting weeks for a report. Breach rate: 93%.

Learn more →
Managed Detection & Response
Adaptive Threat Detection

Managed Detection & Response

Your security team stops drowning in thousands of alerts. They only see what truly needs attention. 24/7.

Learn more →
Digital Forensics & IR
Cyber Crisis Management

Digital Forensics & IR

When an incident hits, our specialists are ready within minutes. Not after days of analysis. 24/7, across Europe.

Learn more →
BCDR Services
Business Continuity & Recovery

BCDR Services

You know exactly how long your business goes down during an attack. And what you can do to shorten that.

Learn more →
DEFION security experts
Why DEFION

Independent.
AI-accelerated.
20 years proven.

You get advice without a hidden sales agenda. DEFION doesn't sell products, only protection. That means our recommendations are always in your interest.

From boardroom to server room, 24/7 monitoring and AI-accelerated pentesting. One partner for your entire attack surface: IT, OT, and IoT.

About DEFION →
What this means for you

Faster detection.
Less noise.
Better decisions.

You only get alerts that matter. No flood of false positives, no overwhelmed security team. Our technology filters the noise, our experts make the calls.

The result: threats detected in minutes instead of days. And when it counts, there are always people ready who know what to do.

Alert within 4 minutes

No hours or days waiting for an alarm

Only what matters

Your team sees relevant alerts, not thousands

Pentest in 24 hours

First vulnerabilities same day, not after weeks

Experts who decide

No automated guesswork, real human judgment

THREAT INTELLIGENCE

What we see right now. Week 23 — 3 June 2026

Week 23, 2026 · Updated June 3, 2026

Our TI team monitors 40+ sources 24/7. These are the most relevant threats for European organizations — updated June 3, 2026.

Ransomware · CRITICAL · All sectors (EU/Global)

TheGentlemen ransomware deploys BYOVD to kill EDR tools before encryption - 500% surge in NL victims

TheGentlemen ransomware disables EDR via BYOVD before encrypting, with a 500% surge in EU victims. Exploits FortiGate CVE-2024-55591 for initial access. Action: validate EDR and patch FortiGate immediately.

June 3, 2026 · Confidence: High

Read more →
Supply Chain · HIGH · Technology, SaaS, Development (EU/Global)

Supply chain attack: 3,800 GitHub repositories compromised, 84 npm packages backdoored

3,800 GitHub repos compromised and 84 npm packages backdoored. CISA confirms ransomware linkage. Attackers use dev environments as the entry point to production. Action: audit npm dependencies and implement SBOM.

June 3, 2026 · Confidence: High

Read more →
Ransomware · HIGH · Finance, Healthcare, Technology (EU/Global)

Data extortion without encryption: 38% of ransomware attacks now skip encryption entirely

38% of 2026 ransomware attacks exfiltrate data without encrypting, bypassing backup recovery strategies. Qilin and DragonForce lead this shift in EU targets. Action: implement DLP and update IR plans for data extortion.

June 3, 2026 · Confidence: High

Read more →
View all threat intelligence →
Sector Expertise

We speak your language.

Manufacturing
Manufacturing
Government
Government
Financial Services
Financial Services
Critical Infrastructure
Critical Infrastructure
Retail & E-commerce
Retail & E-commerce
Research & Education
Research & Education
Technology & SaaS
Technology & SaaS
Trusted by leading organizations

What our customers say

All customer stories →
Latest news

Newsroom

All news →
Partnership 29 Apr 2026

AZ and DEFION Security: Official Supplier for Optimal Data Protection

AZ and DEFION enter into a multi-year strategic partnership as Official Supplier to strengthen the club's digital resilience. DEFION protects the valuable data AZ uses for performance on and off the pitch.

Read more →
Alert 29 Apr 2026

CVE-2026-31431 ("Copy Fail"): Critical Linux Privilege Escalation Vulnerability Explained

CVE-2026-31431 ("Copy Fail") is a Linux kernel vulnerability enabling stealthy privilege escalation to root. Learn about the impact, affected systems, and mitigation steps.

Read more →
Partnership 3 Mar 2026

SURF Deployment: DEFION and DTX Secure 75+ Education and Research Institutions

DTX and DEFION begin rolling out MDR services for SURF. More than 75 Dutch universities, polytechnics and vocational colleges receive 24/7 protection against cyberattacks.

Read more →

Ready to make your
security AI-proof?

Talk to one of our experts. No obligations, no sales pitch: an honest conversation about your situation.

Get in touch 24/7 Incident Response