Securing records is a key requirement for any agency, especially with the growing need to digitize facts. While there are several security startups in Tier I towns, Geet Vaishnav and Prateek Sharma decided to begin one of their place of birth – Indore. The duo-based Securitybulls – a penetration testing and infrastructure safety provider company – in 2016. The platform analyses an organization’s digital assets from a hacker’s point of view to provide a blueprint for remediation to assist build or decorate a safety approach. Geet and Prateek saw a lack of expertise when it got here to safety and felt the need for establishments to be more focused on it.
During his engineering days in Indore, Geet decided to grow into an Offensive Security Certified Professional (OSCP). This gave him exposure to paintings on extraordinary tasks whilst nonetheless in university. He says he has labored on unique projects with statistics groups and monetary establishments. As an OSCP protection freelancer, he has also labored and taught other college students. Prateek started running with one-of-a-kind corporations throughout his engineering days in coding and safety and worked in business development at Infogrames Software Solutions, Code Decode Labs, and Teleperformance India. After finishing his engineering in Mumbai, Prateek moved lower back to Indore to pursue an MBA at IIM Indore.
It is here that the two met. They determined to build an organization that checked out safety. Soon, they roped in Rishabh Dogra, Thrivikram Gujrathi, and Medha Singh. As the focus is on analyzing threats from a hacker’s point of view, the crew desires to be up to date with today’s assault vectors. Prateek says the group is skilled in earlier exploitation strategies that malicious customers can use to compromise networks, systems, and packages to get access to sensitive information and crucial resources.
Starting up in Indore
One of the biggest differentiators for Securitybulls is its vicinity. However, starting in a Tier II metropolis has its own challenges. Prateek says they faced a lot of obstacles while making new connections with like-minded people as there are no meetups, meetings, or occasions there. To triumph over this, the crew has to travel across u. S. A . Or maybe abroad, which can be pretty pricey for a startup with a limited price range.
“It is likewise difficult to sell such offerings in a city like Indore as organizations right here are looking to buy a Benz at the rate of a Nano. Also, humans aren’t aware of information safety and its importance, so it is difficult to promote it in Indore. But then, there are also no safety startups in significant India, and Indore is our hometown,” says Prateek.
The group is currently building an AI-based totally internet vulnerability scanner, which might be primarily based upon their very own research of diverse vulnerabilities. “It could be useful to identify our enterprise logic flaws as nicely. Since Blockchain is a rising generation, we’re interested in creating an AI-based clever settlement code review platform,” says Prateek.
Securitybulls began with numerous programs. Its customers encompass Angel Broking, Arihant Capital and First Farm Cred in Mumbai, Amar Ujjala in Noida, and Zerodha in Bengaluru.
Depending on purchaser desires, the agency fees are $200 – $1500 in line with the day, consistent with the engineer. At present, the crew works with distinct engineers and hackers on a component-time foundation.
“We’ve completed two years successfully, and our month-to-month sales are now around Rs 5 lakh. In 2017, our revenue changed into Rs 35 lakh,” says Prateek. The enterprise was also acknowledged at the Data Centre Summit in Mumbai in 2017 below the ‘Data Security’ class.
How does it paintings?
Prateek explains, “We perform numerous assaults on the given set of scope and provide an in-depth report containing the PoCs. We use our very own scripts to breach the safety of our clients and help them mitigate the issues in their infrastructure.”
First, the crew works with a patron to recognize the organization’s commercial enterprise goals. Then, it identifies the distinct threats that could affect those dreams and enables it to plug them. The bootstrapped startup tests across special vulnerabilities, which include Open Web Application Security Project (OWASP) Top 10 and SANS 2. “We run on-going audits of packages and networks for vulnerabilities we derive from a prioritized researched listing,” provides Prateek.
A gift, the group uses penetration testing, which is a manner of copying real-world assaults by using the equal techniques utilized by malicious hackers. “We provide network penetration trying out to become aware of and mitigate dangers for your network, which cannot be effortlessly detected via vulnerability scanners. This is carried out for each internal and outside network to ensure that your community is as at ease as viable,” says Prateek.
The startup works on outside community penetration testing for net servers, e-mail servers, access factors, HTTP/HTTPS, firewalls, and IDS/IPS. It has internal community safety services that focus on exploiting personal or internally reachable infrastructure and offerings. It additionally gives web app penetration testing, mobile app penetration trying out, and Blockchain security.
The co-founder explains, “A massive a part of Blockchain hacks take region because of a loss of protection round web packages promoting tokens, and social engineering attacks. We help establishments dispatch their ICOs properly and permit them to assemble cozy degrees.”
The market and space
The Government of India has allocated 10 percent of its IT budget towards cybersecurity. A gift stands at less than 10 percent, leaving a huge marketplace to be tapped into. In July 2018, it notified a Preferred Market Access order to support Made-in-India cybersecurity products. According to Gartner, via 2023, extra than 30 percent of public-facing net applications might be protected through cloud internet application and API protection (WAAP) offerings that integrate dispensed denial of carrier (DDoS) protection, bot mitigation, API safety, and WAFs.
India has several safety startups. While cybersecurity startups are rapidly growing in India, few have taken advantage of the wished traction. Lucideus Tech, primarily based out of Delhi, is harnessing the capability of Blockchain and emerging era, Mumbai-based totally Block Armour, launched in 2016, pursuits to disrupt cybersecurity. There is also Noida-primarily based HaltDos, an AI-driven website protection provider that secures websites towards cyber threats.