Following Uber, Zomato data breach, ethical hacker Anand Prakash has the key to avoid the next
Dec 06, 2017, 12.51 PM IST https://economictimes.indiatimes.com/small-biz/startups/features/following-uber-zomato-data-breach-ethical-hacker-anand-prakash-has-the-key-to-avoid-the-next-hackerhive-appsecure/articleshow/61941715.cms
From having no customers during the first three months post launch to spreading a network worldwide, Prakash is keeping an eye out for investors to fund his startup. But he is in no hurry.
Company name: Hackerhive (AppSecure)
Founder name(s): Anand Prakash & Rohit Raj
City it is based out of: Bangalore
Headcount/Strength of the team: 7
Industry: Cyber Security
Investors & Amount raised: None, thus far
There may not be any evidence to suggest that Indians have a relatively lackadaisical attitude towards online privacy than their Western counterparts, but one knows enough to draw a common conclusion.
Yet, irrespective of the level of concern shown, leaks and hacks have been reported from both domestic as well as international tech companies. While Zomato's case ranked high in the list of data breaches globally this year, top US credit agency Equifax and ride-hailing company Uber has also been accorded a central place in the lineup.
Would a more robust cyber security network have prevented the year's biggest hacks?
"While most of these companies hire a full-time team to spot security flaws, slip ups happen all the time, leading to sensitive data falling into the hands of cyber criminals," says (ethical) hacker Anand Prakash, who founded Hackerhive this year. "In addition to being invasive, solving these data breaches can be time-consuming and ridiculously expensive," he adds.
While working as a security engineer for Flipkart, Prakash used to participate in bug bounty programs hosted by tech behemoths like Google, Facebook, Twitter, PayPal and Yahoo, among others. By inviting third-party hackers and external researchers to identify stealth viruses within an application, these companies are clamping down attempts of cyber attacks - before they actually happen.
This is a practise that is commonplace among global tech giants, but oddly missing back home despite the push for Digital IndiaBSE -3.60 %, which seeks to improve online connectivity - correspondingly increasing the risk of such attacks.
Digital drive
Incorporated in May 2016 as cyber security startup AppSecure, it was rebranded to Hackerhive after Prakash collaborated with (co-founder) Rohit Raj to launch a dedicated bug bounty platform for the company. This works as an aggregator that connects companies and ethical hackers to help the former discover and fix security vulnerabilities.
"Although both Rohit and I have a lot of experience running bug bounty programs for other companies on their invitation, it was still a challenge to report security loopholes in other firms without alarming them," says Prakash. "We then decided to launch a platform which legitimizes this practise without intimidating potential clients," he adds.
How does the platform work?
A group of hackers - screened, vetted and deployed by the founders - look for loopholes in a company's product and shares it with them. In return, they are incentivized for each bug reported. Although the compensation value varies depending on the type of bug discovered and the size of the company involved, it will not be a stretch to say that the exercise is as satisfying as it is lucrative.
"This collaboration between our hackers and the company's internal security team can help thwart critical vulnerabilities before the criminals get to exploit them," says Prakash. "It is prudent to take the extra help to plug security loopholes and who better than hackers to do that job for them?" he adds.
Big to small
All of 24, Prakash has crossed an enviable list of milestones for an entrepreneur his age. In addition to being featured among Forbes 30 under 30 Asia
grouping this year, he has also consistently been among the top hackers - worldwide - for Facebook, Twitter and Uber since 2014.
Anand Prakash ranked 3rd, 4th and 3rd on Facebook hackers worldwide list in 2014, 2015 and 2016, respectively
Prakash has also responsibly reported vulnerabilities for other top companies, including Dropbox, Adobe, eBay, Nokia, Blackberry and SoundCloud, to name a few. Selected as part of Nasscom's 10,000 startups program, the company wants to make an impact on Indian companies too by creating awareness among them about cyber security.
"US firms respond immediately to any report of security bugs, but Indian companies typically get into flight mode," feels Prakash.
Prakash is at number 3 on Twitter hackers worldwide list
"Our main aim is not to run big bounty programs, but to create awareness around cyber security in India," says Prakash. "My experience across companies has helped me build a strong network of hackers, but the real challenge has been to convince companies about the importance of protecting their data. In fact, many did not even have security engineers to handle such cases. This is beginning to change with the emergence of tech-based startups," he adds.
In fact, Prakash has collaborated with a string of new-age companies including Zoomcar, Oyo, FreshMenu and Jugnoo. AppSecure is also Swiggy's third party company for its Security Bug Bounty Program.
Prakash is third on Uber hackers worldwide list for 2017
According to him, Indian companies are beginning to understand the impact data breaches can have on its businesses. Furthermore, they are opening up to external cyber security professionals to test the strength of their safety structures, instead of simply relying on automated analysis.
"Most of the analysis in bug bounty hunting is done manually by hackers and that makes a world of difference in this ecosystem," says Prakash.
"This is because the likelihood of discovering bugs is quite slim when done through automated tools," he adds.
From having no customers during the first three months post launch to spreading a network worldwide, Prakash is keeping an eye out for investors to fund his startup. But he is in no hurry.
"I want to first focus on the quality of work that we do," he says. "This includes spreading awareness about the importance of cyber security in India," he adds.
Company name: Hackerhive (AppSecure)
Founder name(s): Anand Prakash & Rohit Raj
City it is based out of: Bangalore
Headcount/Strength of the team: 7
Industry: Cyber Security
Investors & Amount raised: None, thus far
There may not be any evidence to suggest that Indians have a relatively lackadaisical attitude towards online privacy than their Western counterparts, but one knows enough to draw a common conclusion.
Yet, irrespective of the level of concern shown, leaks and hacks have been reported from both domestic as well as international tech companies. While Zomato's case ranked high in the list of data breaches globally this year, top US credit agency Equifax and ride-hailing company Uber has also been accorded a central place in the lineup.
Would a more robust cyber security network have prevented the year's biggest hacks?
"While most of these companies hire a full-time team to spot security flaws, slip ups happen all the time, leading to sensitive data falling into the hands of cyber criminals," says (ethical) hacker Anand Prakash, who founded Hackerhive this year. "In addition to being invasive, solving these data breaches can be time-consuming and ridiculously expensive," he adds.
While working as a security engineer for Flipkart, Prakash used to participate in bug bounty programs hosted by tech behemoths like Google, Facebook, Twitter, PayPal and Yahoo, among others. By inviting third-party hackers and external researchers to identify stealth viruses within an application, these companies are clamping down attempts of cyber attacks - before they actually happen.
This is a practise that is commonplace among global tech giants, but oddly missing back home despite the push for Digital IndiaBSE -3.60 %, which seeks to improve online connectivity - correspondingly increasing the risk of such attacks.
Digital drive
Incorporated in May 2016 as cyber security startup AppSecure, it was rebranded to Hackerhive after Prakash collaborated with (co-founder) Rohit Raj to launch a dedicated bug bounty platform for the company. This works as an aggregator that connects companies and ethical hackers to help the former discover and fix security vulnerabilities.
"Although both Rohit and I have a lot of experience running bug bounty programs for other companies on their invitation, it was still a challenge to report security loopholes in other firms without alarming them," says Prakash. "We then decided to launch a platform which legitimizes this practise without intimidating potential clients," he adds.
How does the platform work?
A group of hackers - screened, vetted and deployed by the founders - look for loopholes in a company's product and shares it with them. In return, they are incentivized for each bug reported. Although the compensation value varies depending on the type of bug discovered and the size of the company involved, it will not be a stretch to say that the exercise is as satisfying as it is lucrative.
"This collaboration between our hackers and the company's internal security team can help thwart critical vulnerabilities before the criminals get to exploit them," says Prakash. "It is prudent to take the extra help to plug security loopholes and who better than hackers to do that job for them?" he adds.
Big to small
All of 24, Prakash has crossed an enviable list of milestones for an entrepreneur his age. In addition to being featured among Forbes 30 under 30 Asia
grouping this year, he has also consistently been among the top hackers - worldwide - for Facebook, Twitter and Uber since 2014.
Anand Prakash ranked 3rd, 4th and 3rd on Facebook hackers worldwide list in 2014, 2015 and 2016, respectively
Prakash has also responsibly reported vulnerabilities for other top companies, including Dropbox, Adobe, eBay, Nokia, Blackberry and SoundCloud, to name a few. Selected as part of Nasscom's 10,000 startups program, the company wants to make an impact on Indian companies too by creating awareness among them about cyber security.
"US firms respond immediately to any report of security bugs, but Indian companies typically get into flight mode," feels Prakash.
Prakash is at number 3 on Twitter hackers worldwide list
"Our main aim is not to run big bounty programs, but to create awareness around cyber security in India," says Prakash. "My experience across companies has helped me build a strong network of hackers, but the real challenge has been to convince companies about the importance of protecting their data. In fact, many did not even have security engineers to handle such cases. This is beginning to change with the emergence of tech-based startups," he adds.
In fact, Prakash has collaborated with a string of new-age companies including Zoomcar, Oyo, FreshMenu and Jugnoo. AppSecure is also Swiggy's third party company for its Security Bug Bounty Program.
Prakash is third on Uber hackers worldwide list for 2017
According to him, Indian companies are beginning to understand the impact data breaches can have on its businesses. Furthermore, they are opening up to external cyber security professionals to test the strength of their safety structures, instead of simply relying on automated analysis.
"Most of the analysis in bug bounty hunting is done manually by hackers and that makes a world of difference in this ecosystem," says Prakash.
"This is because the likelihood of discovering bugs is quite slim when done through automated tools," he adds.
From having no customers during the first three months post launch to spreading a network worldwide, Prakash is keeping an eye out for investors to fund his startup. But he is in no hurry.
"I want to first focus on the quality of work that we do," he says. "This includes spreading awareness about the importance of cyber security in India," he adds.
No comments:
Post a Comment