Geet and Prateek noticed a lack of expertise when it got here to safety and felt the need for companies to be extra focussed on it.
During his engineering days in Indore, Geet had decided to end up an Offensive Security Certified Professional (OSCP). This gave him the publicity to work on exceptional initiatives while nonetheless in college. He says he has labored on different tasks with records agencies and economic establishments. As an OSCP security freelancer, he has also worked and taught different college students.
Prateek commenced running with different organizations during his engineering days in coding and safety and labored in enterprise improvement at Infogrames Software Solutions, Code Decode Labs and Teleperformance India. After he completed his engineering in Mumbai, Prateek moved lower back to Indore to pursue an MBA at IIM Indore.
It is right here that the 2 met. They decided to build an organization that looked at protection. Soon, they roped in Rishabh Dogra, Thrivikram Gujrathi, and Medha Singh.
As the point of interest is on analyzing threats from a hacker’s factor of view, the group needs to be updated with the modern assault vectors. Prateek says the crew is skilled earlier exploitation strategies that malicious customers can use to compromise networks, systems, and applications to advantage get right of entry to touchy records and critical resources.
Starting up in Indore
One of the most important differentiators for Securitybulls is its region. However, setting out in a Tier II city has its own demanding situations. Prateek says they confronted quite a few boundaries whilst making new connections with like-minded people as there aren’t any meetups, meetings or occasions there. To conquer this, the team has to travel across the usa or even overseas, which may be pretty high-priced for a startup with a restricted budget.
“It is likewise difficult to promote such services in a town like Indore as groups here are searching to buy a Benz at the price of a Nano. Also, humans are not aware of facts safety and its importance, so it is hard for us to sell in Indore. But then, there also are no protection startups in central India and Indore is our place of birth,” says Prateek.
The group is presently running on constructing an AI-based internet vulnerability scanner, which would be based totally upon their very own studies of numerous vulnerabilities. “It might be helpful to spot out business logic flaws as properly. Since Blockchain is an rising technology, we’re fascinated to create an AI-primarily based smart contract code assessment platform,” says Prateek.
Securitybulls started out with several applications. Its customers include Angel Broking, Arihant Capital and Agfirst Farm Cred in Mumbai, Amar Ujjala in Noida, and Zerodha in Bengaluru.
Depending on purchaser needs, the company charges $200 – $1500 consistent with the day, in line with the engineer. At present, the team works with unique engineers and hackers on an element-time foundation.
“We’ve completed two years efficiently and our monthly revenue is now around Rs 5 lakh. In 2017, our revenue turned into Rs 35 lakh,” says Prateek. The agency has also been recognized at the Data Centre Summit in Mumbai in 2017 under the ‘Data Security’ category.
How does it work?
Prateek explains, “We carry out various assaults on the given set of scope and provide a detailed file containing the PoCs. We use our own scripts to breach the security of our customers and help them mitigate the troubles of their infrastructure.”
First, the group works with a patron to recognize the corporation’s commercial enterprise desires. Then, it identifies the unique threats which could have an effect on those dreams and allows it to plug them. The bootstrapped startup exams across specific vulnerabilities consisting of Open Web Application Security Project (OWASP) Top 10 and SANS 2. “We run on-going audits of packages and networks for vulnerabilities we derive from a prioritized researched list,” adds Prateek.
At present, the crew uses penetration trying out, that’s a way to copy real-global assaults via using the identical techniques used by malicious hackers.
We provide community penetration trying out to identify and mitigate risks to your community, which cannot be without difficulty detected via vulnerability scanners. This is accomplished for both internal and external networks to make certain that your community is as comfy as viable,” says Prateek.
The startup works on outside network penetration trying out for internet servers, email servers, access factors, HTTP/HTTPS, firewalls and IDS/IPS. It has internal community protection offerings that focus on exploiting private or internally accessible infrastructure and services. It also gives web app penetration testing, cellular app penetration trying out and Blockchain security.
The co-founder explains, “A huge part of Blockchain hacks take vicinity due to a loss of protection round web applications promoting tokens, and social engineering assaults. We help enterprises dispatch their ICOs correctly and permit them to assemble cozy levels.”
The marketplace and space
The Government of India has allocated 10 percent of its IT finances in the direction of cybersecurity. In July 2018, it notified a Preferred Market Access order to aid Made-in-India cybersecurity products.
According to Gartner, by 2023, more than 30 percentage of public-going through internet packages could be covered by using cloud internet utility and API safety (WAAP) offerings that integrate disbursed denial of carrier (DDoS) protection, bot mitigation, API safety, and WAFs. At present, this stands at much less than 10 percent, leaving a big market to be tapped into.
India has several security startups. While cybersecurity startups are speedy growing in India, few have been able to benefit the wished traction. Lucideus Tech, primarily based out of Delhi, is harnessing the capability of Blockchain and emerging generation, Mumbai-primarily based Block Armour, launched in 2016, objectives to disrupt cybersecurity. There also is Noida-based totally HaltDos that is an AI-driven website protection service that secures websites against cyber threats.