Skip to main content

Independent Security Partner since 2005

Defending your future.
Today.

Security built for a world where attackers use AI. DEFION combines offensive security expertise with AI that continuously detects, validates, and challenges your defenses. You see what’s happening in minutes and act before attackers get in.

Attackers already use AI to increase the speed and scale of cyberattacks. DEFION combines offensive security expertise with AI-driven analysis to help organisations respond with the same level of visibility, validation and speed. Active Defense means threats are hunted proactively, controls are continuously tested and response starts before incidents escalate.

Real analysts online in Zoetermeer and Barcelona. Average response under 5 minutes.

DEFION in numbers

20+
Years of experience
100+
Security experts
1,000+
Organizations protected
100,000+
Endpoints monitored
Meet the team

100+ specialists.
Two offices.
One team.

Zoetermeer and Barcelona. Real people, senior expertise. No offshore support, no call-center triage. When you call DEFION, you reach the engineer who can actually help.

Independent since 2005. Still driven by the people who founded it.

The DEFION team together in the mountains during our annual offsite
DEFION engineers collaborating over shared desks
Four DEFION colleagues hanging out in a mountain cabin
Three DEFION colleagues relaxing on a couch after hours
DEFION security experts
Why DEFION

Independent.
AI-accelerated.
20 years proven.

You get advice without a hidden sales agenda. DEFION doesn't sell products, only protection. That means our recommendations are always in your interest.

From boardroom to server room, 24/7 monitoring and AI-accelerated pentesting. One partner for your entire attack surface: IT, OT, and IoT.

About DEFION →
What this means for you

Faster detection.
Less noise.
Better decisions.

You only get alerts that matter. No flood of false positives, no overwhelmed security team. Our technology filters the noise, our experts make the calls.

The result: threats detected in minutes instead of days. And when it counts, there are always people ready who know what to do.

Alert within 4 minutes

No hours or days waiting for an alarm

Only what matters

Your team sees relevant alerts, not thousands

Pentest in 24 hours

First vulnerabilities same day, not after weeks

Experts who decide

No automated guesswork, real human judgment

THREAT INTELLIGENCE

What we see right now. Week 29 · July 17, 2026

Week 29, 2026 · Updated July 17, 2026

Our TI team monitors 40+ sources 24/7. These are the most relevant threats for European organizations, updated July 17, 2026 (week 29).

CVE · CRITICAL · All sectors using SonicWall SMA1000 SSL-VPN or Secure Mobile Access (EU-wide)

NCSC-2026-0239: SonicWall SMA1000 two actively exploited zero-days. CVE-2026-15409 (SSRF, CVSS 9.8) and CVE-2026-15410 (code injection AMC, CVSS 9.8). Patch now.

NCSC-2026-0239 confirms two actively exploited zero-days in SonicWall SMA1000: CVE-2026-15409 (unauthenticated SSRF, CVSS 9.8) and CVE-2026-15410 (post-auth code injection, CVSS 9.8). Patch immediately and check all SonicWall SMA1000 environments for IoCs.

July 17, 2026 · Confidence: High

Read more →
Ransomware · CRITICAL · Manufacturing, Healthcare, Business Services (NL, SE, AD - PLAY ransomware EU expansion)

PLAY ransomware hits Dutch manufacturer AG Scholtes: NL manufacturing sector threat elevated. Three EU victims in one 24-hour cycle.

PLAY ransomware claimed Dutch manufacturer AG Scholtes plus Andorra Life and Svensk Direktreklam in one 24-hour cycle. Three EU countries (NL, AD, SE) hit simultaneously. NL manufacturing sector threat level elevated.

July 17, 2026 · Confidence: High

Read more →
CVE · HIGH · All organizations running Microsoft SharePoint (July 2026 Patch Tuesday)

CVE-2026-50522 (CVSS 9.8): Microsoft SharePoint RCE with no user interaction required. Part of July 2026 Patch Tuesday - NCSC-2026-0237.

CVE-2026-50522 (CVSS 9.8) enables Remote Code Execution on Microsoft SharePoint with no user interaction required. Part of July 2026 Patch Tuesday. Microsoft expects active exploitation is likely. Patch immediately.

July 17, 2026 · Confidence: High

Read more →
Trusted by leading organizations

What our customers say

All customer stories →

Ready to make your
security AI-proof?

Talk to one of our experts. No obligations, no sales pitch: an honest conversation about your situation.