Securing records is a key requirement for any agency, especially with the growing need to digitize facts. While there are several security startups in Tier I towns, Geet Vaishnav and Prateek Sharma decided to begin one of their place of birth – Indore.
The duo based Securitybulls – a penetration testing and infrastructure safety provider company – in 2016. The platform analyses an organization’s digital assets from a hacker’s point of view to provide a blueprint for remediation to assist build or decorate a safety approach.
Geet and Prateek saw a lack of expertise when it got here to safety, and felt the want for establishments to be greater focussed on it.
During his engineering days in Indore, Geet had decided to grow to be an Offensive Security Certified Professional (OSCP). This gave him the exposure to paintings on extraordinary tasks whilst nonetheless in university. He says he has labored on unique projects with statistics groups and monetary establishments. As an OSCP protection freelancer, he has also labored and taught other college students.
Prateek started running with one of a kind corporations throughout his engineering days in coding and safety and worked in business development at Infogrames Software Solutions, Code Decode Labs and Teleperformance India. After he finished his engineering in Mumbai, Prateek moved lower back to Indore to pursue an MBA at IIM Indore.
It is here that the two met. They determined to build an organization that checked out safety. Soon, they roped in Rishabh Dogra, Thrivikram Gujrathi, and Medha Singh.
As the focus is on analyzing threats from a hacker’s point of view, the crew desires to be up to date with today’s assault vectors. Prateek says the group is skilled earlier exploitation strategies that malicious customers can use to compromise networks, systems, and packages to gain get entry to too sensitive information and crucial resources.
Starting up in Indore
One of the biggest differentiators for Securitybulls is its vicinity. However, starting off in a Tier II metropolis has its own challenges. Prateek says they faced a lot of obstacles at the same time as making new connections with like-minded people as there are no meetups, meetings or occasions there. To triumph over this, the crew has to travel across u. S. A . Or maybe abroad, which can be pretty pricey for a startup with a limited price range.
“It is likewise difficult to sell such offerings in a city like Indore as organizations right here are looking to buy a Benz at the rate of a Nano. Also, humans aren’t aware of information safety and its importance, so it is difficult for us to promote in Indore. But then, there are also no safety startups in significant India and Indore is our hometown,” says Prateek.
The group is currently running on building an AI-based totally internet vulnerability scanner, which might be primarily based upon their very own research of diverse vulnerabilities. “It could be useful to identify out enterprise logic flaws as nicely. Since Blockchain is an rising generation, we’re interested to create an AI-based clever settlement code review platform,” says Prateek.
Securitybulls began with numerous programs. Its customers encompass Angel Broking, Arihant Capital and Agfirst Farm Cred in Mumbai, Amar Ujjala in Noida, and Zerodha in Bengaluru.
Depending on purchaser desires, the agency fees $200 – $1500 in line with the day, consistent with the engineer. At present, the crew works with distinct engineers and hackers on a component-time foundation.
“We’ve completed two years successfully and our month-to-month sales is now around Rs 5 lakh. In 2017, our revenue changed into Rs 35 lakh,” says Prateek. The enterprise has also been acknowledged at the Data Centre Summit in Mumbai in 2017 below the ‘Data Security’ class.
How does it paintings?
Prateek explains, “We perform numerous assaults on the given set of scope and provide an in-depth report containing the PoCs. We use our very own scripts to breach the safety of our clients and help them mitigate the issues in their infrastructure.”
First, the crew works with a patron to recognize the organization’s commercial enterprise goals. Then, it identifies the distinct threats that could have an effect on those dreams and enables it to plug them. The bootstrapped startup tests across special vulnerabilities which include Open Web Application Security Project (OWASP) Top 10 and SANS 2. “We run on-going audits of packages and networks for vulnerabilities we derive from a prioritized researched listing,” provides Prateek.
A gift, the group uses penetration testing, which is a manner to copy real-world assaults by the usage of the equal techniques utilized by malicious hackers.
“We provide network penetration trying out to become aware of and mitigate dangers for your network, which cannot be effortlessly detected via vulnerability scanners. This is carried out for each internal and outside networks to ensure that your community is as at ease as viable,” says Prateek.
The startup works on outside community penetration testing for net servers, e-mail servers, access factors, HTTP/HTTPS, firewalls and IDS/IPS. It has internal community safety services that focus on exploiting personal or internally reachable infrastructure and offerings. It additionally gives web app penetration testing, mobile app penetration trying out and Blockchain security.
The co-founder explains, “A massive a part of Blockchain hacks take region because of a loss of protection round web packages promoting tokens, and social engineering attacks. We help establishments dispatch their ICOs properly and permit them to assemble cozy degrees.”
The market and space
The Government of India has allocated 10 percent of its IT budget towards cybersecurity. In July 2018, it notified a Preferred Market Access order to support Made-in-India cybersecurity products.
According to Gartner, via 2023, extra than 30 percent of public-facing net applications might be protected through cloud internet application and API protection (WAAP) offerings that integrate dispensed denial of carrier (DDoS) protection, bot mitigation, API safety, and WAFs. A gift, this stands at less than 10 percent, leaving a huge marketplace to be tapped into.
India has several safety startups. While cybersecurity startups are rapidly growing in India, few have been able to advantage the wished traction. Lucideus Tech, primarily based out of Delhi, is harnessing the capability of Blockchain and emerging era, Mumbai-based totally Block Armour, launched in 2016, pursuits to disrupt cybersecurity. There also is Noida-primarily based HaltDos which is an AI-driven website protection provider that secures websites towards cyber threats.