Hello Readers, today we have Ritesh Sarvaiya, the Founder of Defencely.com, an online security firm. When it comes to online security Major firms like Microsoft, Zendesk etc. don’t think twice to hand over their keys to online world. Coincidentally, the story of the founder is no less inspiring. Ritesh had been selling newspapers in his early days. And now he is respected worldwide and is the caretaker of the securities of world level firms. He has taken the responsibility willingly and his service is spot on.
Before the interview I would suggest you to take a cup of coffee as the interview is quite long and trust me you will ignore your coffee cravings once you start reading it. Here we go!
1) Hello Ritesh, welcome to DigitalGYD.com it’s a pleasure having you here. Somewhere down the internet my eyeballs caught a line that reads “Your thoughts mature with age, your ideas reshape and it affects your persona”. Yes it’s your own phrase. Would you mind telling our readers what exactly it took to develop to this persona including how you started up?
Answer: Hi, It’s a pleasure to be featured on DigitalGYD to share my thoughts, experiences and goals for Defencely Inc. with you all. I’d be delighted to share my personal experiences so far, Swadhin. The most important lesson I can share is this:
Things will shift and change with age. What do I mean by that? I mean it doesn’t matter where you come from or what your past is like. It doesn’t matter if you’ve failed a hundred times. What matters are your intentions and innovations that you work to achieve. As you grow and mature, you get a greater sense of duty and responsibility. Defencely, Inc. is the result of this kind of attention. I struggled and failed in many circumstances, yet Defencely is finally starting to take off and really gain exposure. I never worry about those who despise me. They are just angry because the truth I speak contradicts the lies they live
I can’t begin to describe the struggles, the journey, the failures and successes in words. But I can pinpoint areas along the journey that made me who I am today and made Defencely the kind of business I can be proud of.
I started selling newspapers and had no one to guide me – no mentor and no real idea what to do. So I carved out my own path. Next business was Rikhav InfoTech. During this time, I was always curious and looking for new business opportunities and growth. Even as I was growing up, my own dad was always with me and inspiring me to ask questions. The IT business grew and started amassing a large number of employees before the economy shifted and they started looking for new revenue options. Because of this diversity in services, they had to shut down the business and I had “grown out” of selling newspapers, so I moved on in life.
I spent some time with my mentors and gained valuable experiences in the corporate world. During this time I developed my vision for business which would ultimately lead to the founding of Defencely, Inc. In doing so, I learned that there was a serious lack of standards among security industries for rock-solid application security. There was also lack of methodology standards for a procedural application penetration test. I decided that the answer was to shortlist ethical “white hat” hackers – people who didn’t just hack for the thrill of it, but did so to help improve the system rather than sabotage it. These penetration testers, security researchers and technical wizards would keep getting the challenges they craved while making sure that business and enterprise applications were secured and tested against current and potential future threats.
But it wasn’t just about testing. Once flaws were found, we wanted to make sure that we had ironclad protection in place to safeguard and defend these same applications and services. Hence, “Defencely”. Starting out in India, Defencely had a considerable number of initial hurdles to overcome. We kept growing and expanding to become the heart of leading IT application security services in India. We gained the respect and business of the second largest travel agency in India.
2) Now that you are in the business of web securities please explain how the scenario of web security in India is and what are the things that are at stake?
Answer: Giant corporations in India are already taking their respective businesses online and they’re already involved in processing credit and identity cards, making online reservations and taking online payments across a variety of sectors including government and private industries. Our nation is quickly becoming a leader in electronic communications, and with such a high demand with a million people involved on the web daily, security should be our number one focus. Many companies don’t even know that they have been the unwitting victims of a breach until it’s too late. There’s a lot of power and potential in India’s information technology sector and it’s growing quickly, but I feel that “information security” has always been neglected, since it’s so new and fresh, and there’s a considerable lack of research to point these companies in the right direction.
Now, with that being said, Defencely has already seen firsthand how hacking, stolen credit card information, compromised identity and private detail exposure can affect both companies and individuals. When we discovered these problems, we fixed them immediately.
Yesterday’s security practices will NOT fix the problem. India needs to step up and address their security issues. Because Defencely was born in India, we have a commitment to make our home country safe and secure when doing business in the global arena!
3) Please tell us the key objectives of your cloud security service Defencely and how it reached to the PayPal wall of fame.
Answer: Right now, our objective is to make our services available for those proactive, forward-thinking businesses that understand the critical importance of web security and safeguarding their proprietary information. Now, we define objectives as:
• Providing clients with a flexible Web Security model.
• Providing clients with the assurances of their Web Security.
• Providing clients with technical solutions to fix the security breach.
• Providing clients with overall standard application security posture.
• Providing quality based services with manual testing efforts, with the help of our world class Security researchers.
At Defencely, we work with world class security researchers from around the world who follow our vision in contributing to the improvement of web security. Our team of security researchers and penetration testers not only give our clients the kind of comprehensive security sweep they need to keep their applications and information stable and private, but they also believe that web security is an ongoing process, and not a once-and-done job. Its things like this that has earned them all places on the walls of fame of big corporations. We are not content to rest on our laurels though – our testers continue to help these companies by reporting bugs, fixing them and providing vulnerability advisories where possible.
4) Almost every second day we hear of brute force attacks, and hacking of e-commerce sites, what services does Defencely provides for this situation?
Answer: As discussed earlier, application security is an ongoing process and security flaws will always exist as long as the application stops being updated. Similarly, E-commerce websites are rich in application architecture and have a large audience that is depending on them. That’s why they have a responsibility to carry a customer’s private data carefully through the secure transaction process and 3rd party gateways. This might look easier said than done from the consumer’s perspective, but in practice it can be difficult for the developers to maintain this application, since new modules and security patches and updates are continually introduced.
It’s like building a house and then deciding after it’s done that you want a basement. You keep adding on rooms and rooms, and after a while the structure is weakened and attackers can force their way in. Brute forcing, an application is a common scenario wherein the attacker isn’t skilled enough to exploit into the application due to a lack of technical know-how. But again, this is a risk to the business providers associated with the ecommerce sites, not the attacker attacking the site.
Defencely Inc. provides a full service, unbreakable security application monitoring and management services for these companies, so that the developers never have to worry about weak code that could let attackers’ brute force their way in. Our Red Team continually maps the application through manual efforts and within the scope that both we and the client have determined to be the most beneficial to their needs.
Now, what about ecommerce sites? They are a special case because they not only suffer from web vulnerabilities but also logic-based vulnerabilities that a skilled attacker can exploit. Most automatic security scanners don’t have the ability to scan for these types of exploits, and yet they can bring a reliable e-commerce business to its knees.
This is where Defencely’s security policies come in. By having concrete steps that can be taken before an attack takes place, the ecommerce site helps build even stronger trust with its clients as well as its developers, because they have this protocol in place.
5) You have been appreciated by the likes of Microsoft, Google, Apple and Zendesk what does it take to have those feathers in your hat.
Answer: It’s an honor, and I’m flattered to share these “feathers in our hat” with our quality assurance team, who made this possible. Getting recognition like this is what motivates them to continue to learn, grow and evolve. I’m certain that if they’re following this interview right now, they’re smiling, because they know that without them, this wouldn’t be possible.
6) At a rapid fire round up how would you rate the following on ten?
a) Web security in India – 4/10
b) Awareness of security breaches amongst Indian companies. – 3/10
c) Willingness of online ventures in investing in a security company. 5/10
d) Defencely as you would rate as compared to other cloud security service provider in India. – 8/10
7) Where do you see Defencely in the next five years?
Answer: At Defencely we have grown rapidly with our services and if this keeps going at this speed, I would like to envision for the next 3, not 5 years. I’d put Defencely at the top 5 cloud based application security providers worldwide – a feat that could only be made possible thanks to our expert team. Our transparency is crystal clear, we provide rock secure services, our goals are predefined; We invent and do not re-process the wheel leading up with same Stone Age solutions by relying on automated garbage.
Competition is for the companies that are regurgitating the same process over and over. At Defencely, we’re more about innovation – reshaping ideas to make them fit as part of the whole security package. Competition is trying to one-up other companies with things like lower prices, faster scanning and such. We think beyond those little arguments. We’d like to think we’re in competition with ourselves to continually improve and strive to innovate and reshape the marketplace.
8) At an interview you said Money shouldn’t be a priority for any successful venture; please tell us what other priorities a budding entrepreneur should be glued to in order to get success.
Answer: Let me ask you – how much better is a product if it is made with passion and not greed? Application security is a rich playground and ‘money’ is an essential key factor but is obviously not the absolute priority. When we started, we thought about all the things that a startup needed – earning investments, risking it all, living on the edge. But When you base a product around passion and develop it solely for the benefit of the public, something changes inside you – you start aiming for a success beyond monetary trappings of wealth.
The struggle is different. It’s not about financial gain. It’s about making the web a safer place. Why undermine that with a bunch of hidden policies, greed and constant one-upmanship?
Here are some key factors which I would like to share on my personal behalf with my own personal experiences, it’s my personal opinion!
know yourself and chalk out what you always wanted to do.
Know exactly what you wanted to do and what would be the benefit.
Keep being passionate about what you do and keep doing it.
Negate everything which demotivates you, you can only fall and be hunted if you were already on top of the rest. This happens. Grow over it. Do not retaliate back, the only proof is your ladder carrying you with the crown of success. Your haters would need an example for motivation.
Last, your entrepreneurship has nothing to do with falling again and again, it’s called ‘practicing’ up one level when you go down. Yes, that’s correct; entrepreneurship is about falling seven times and stand up the eighth time with the experiences of seven falls. The only winning move is in “keep trying”.
9) Many people say “if I could do why can’t you”. What mantra would you want to give for our readers?
Answer: It’s not rocket science, even if it was; with dedication and self-motivation against all odds, one could achieve wonders. I think, being able to leave a mark behind for others, it’s not just the winning move, but the hardest part after reaching it is to stay there. Success stories are never written, they are proven with dedication and hard work. If you aren’t smart, work hard to make yourselves smart, and learn from your mistakes. If you work hard, make sure to over deliver on your client or boss’ expectations. AT the end of the day, people will know you by your deeds.
A one liner to this, ‘you can and will do things, when circumstances are lined up against you, Stand tall. Brush the dust off of yourself and stride forward with confidence.
Thank you DigitalGYD.com for taking up this brief interview and I hope I fully answered all your questions. It was a pleasure mentioning the key factors which made Defencely Inc. a proud success, and I wish the team at DigitalGYD all the same successes. I would also take this opportunity to mention and announce if there are any application security researchers out there that have the right skill set and motivation to improve the web, reach out to us via Hi (AT) Defencely (Dot) (Com) , good luck!