Cybersecurity Startup Award Best Product Company

Somewhere in October last year, NASSCOM-DSCI closed its nominations for the prestigious DSCI Excellence Award. Indusface was up for the Emerging Information Security Product Company award with our popular Total Application Security solution.

The Data Security Council of India (DSCI) had collaborated with PricewaterhouseCoopers (PwC) to recognize and honor emerging product ideas in the Information Security domain. Solving security problems, taking thought leadership, creating a conducive business environment, increasing trustworthiness, and building resilience was the shortlisting criteria they were looking for.

Interestingly, these were also the things that we at Indusface wanted to achieve with the Total Application Security solution.

The Problems That We Solve

Digital businesses, big or small, cannot survive without an extensive application infrastructure. This is something that hackers and attackers have grown increasingly fond of. They want to attack the core business functionality that basically enables banks, financial institutions, new-age businesses, and retailers to serve customers and prospects.

And by large, the problem lies in these three facts:

• 86% of all the websites have 1 serious application flaw.*
• 55% of retail trade sites are always vulnerable to attacks.*
• 70% of all web attacks happen on the application layer. #

In fact, as business ideas and applications get more complex, moderately controlled, and rarely monitored for security flaws, risks multiply. The other part of the issue is the business implication. According to a survey conducted by Gemalto, 64% of people are unlikely to shop or do business with a company hit by the data breach. And it’s not just about the online or digital business entirely. Earnings at Target, the largest US retail chain after Walmart, dropped by 16% and they even lost $148 million recovering from the breach. So clearly, application breaches pull-down businesses, and with a huge force.

Indusface realizes that application breaches are only going to grow exponentially in the coming years. New-age companies and startups aggressively chasing customers will have little time to cover web application security.

Total Application Security offers just the solution that companies need today. Combining automated and expert-mandated technologies, it enables application owners to find out weaknesses in the applications infrastructure, block attacks that use those flaws, and monitor all the relevant application data. All of this is put together on a simple dashboard, for real-time analytics and absolute control.

Becoming the Top Emerging Information Security Product Company

Early in December, DSCI finally released its shortlisted entries and Indusface was among the four top companies selected to represent its emerging product idea and its impact to the real business world to the jury, which included:

• Abhay Karandikar, Professor, Department of Electrical Engineering, IIT Bombay.
• Sandeep Singhal, Managing Director, Nexus India Capital Advisors Pvt. Ltd.
• Saurabh Srivastava, Co-founder & Former Chairman, NASSCOM.
• Siva Sivasubramanian, Chief of Security, Airtel.
• V. Mohandas Pai, Chairperson, Manipal Global Education Services P Ltd., And Co-founder AARIN Capital.

Pitted against CipherCloud India, Parablu Systems, and ShieldSquare Indusface was evaluated and graded by both audience and jury members. Finally, on the eve of 16 December, we have announced the Top Emerging Information Security Product Company, an honor received by Indusface’s CEO Ashish Tandon.

Being and Beyond the Recognition

So, what does it mean to be the Emerging Information Security Product Company? How does it change how the world or we see Total Application Security? Where do we go from here?

It’s a great honor to be recognized as the foremost emerging security product company. In fact, Indusface was also selected in the revered InTech50 annual listing by iSpirit last year.

However, as a cybersecurity startup, we also understand that both web and mobile application security remain undervalued security domains. Statistics show that most data breaches and mobile app penetrations could have been avoided with prior testing and patching. Over the years, we plan to empower companies to deal with four major security challenges.

One, businesses do not know if their website can be hacked. Even if they test it once, applications are updated frequently and there is no way to get vulnerability updates on that. Two, vulnerabilities should be patched. It takes time and resources. And till that happens, the website is open to all kinds of threats. Three, bad people are just waiting to launch distributed denial-of-service attacks with these fancy bots and machines that send so much traffic to the website that the server crashes. Four, hiring and maintaining a separate security team is a huge responsibility. It’s not just about the money, it takes time too, which takes away the focus from key business objectives.

‘Total Application Security’ idea is to overcome all four of these obstacles, at once. It packs web application scanning that looks for website vulnerabilities continuously. It doesn’t matter if you make application code level changes or update the website frequently, once scanning finds an OWASP weakness or malware injection it will report it immediately.

Total Application Security also provides a web application firewall that blocks exploitations and application distributed denial-of-service (DDoS) attempts. In simpler words, it prevents attacks from hackers that use OWASP vulnerabilities or malware on your website with the help of a dedicated security expert team that monitors and analyzes traffic, attack vectors, and DDoS instances continuously to improve your security model accordingly.