We have another great interview for you! This time Akhil Reni, Co-Founder at We Secure App presented his company and told us about many challenges he faced. What's more we learn why he decided to become a hacker and what's so great about!
[Hakin9 Magazine]: Hello, Akhil! How are you doing? Can you tell our readers something about yourself?
Hello readers, this is Akhil Reni, Co-founder and CTO at WESECUREAPP, a cyber security company. I am a security researcher, I love contributing to companies for the improvement of their security posture. While most of my research is done at night, my day time is committed to provide unparalleled solutions to our clients. I enjoy breaking into things as much as a kid enjoys playing a video game, of course for the betterment of an organization's security and contributing to the community.
[H9]: I’m sure that every hacker enjoys breaking into things ;) Did you always want to become a hacker?
[AR]: As a 90’s born kid, I had those good old hand held gaming consoles. They were really simple consoles. Not a lot of stuff runs in the background. I used to tamper with the hardware and get new kind of sounds and all. That was very fascinating. Later, in my schooling, when I used the computer, I realized the power of software. The possibilities are limitless on software side. I began to look at the world in a whole new perspective. The idea of solving a real world problem or improving some work by building software fascinated me. I decided I would become a computer programmer. After some time, I was fascinated by the usage of the world wide web. Everything is online; you can do payments, sell products, share data, etc. But then I thought, how safe is my data? I wanted to see it for myself and here I am.
Short answer, Curiosity. From a curious kid to geek. Geek to Hacker. But ethics do really matter.
[H9]: You have a goal of "Making the internet a safer place". Can you tell us more about it?
[AR]: The Internet is a great invention. A lot of bright minds have contributed and are still contributing because of where it stands today. This has made the globe virtually flat, communications lightening fast and enabled humans to build advanced technological solutions for mankind. However, the gap in the cyber security aspect of the Internet keeps on evolving. Over 1 billion dollars is lost every month due to various breaches that are happening around the globe. We want to contribute in filling these gaps to help companies and their users protecting their data assets and keeping them safe from bad hackers.
[H9]: Can you tell us something about your company We Secure App? Why did you decide to create it?
[AR]: We believe that Security is no longer a Technology Issue, instead it’s a Boardroom Issue. Irrespective of the size of the business, it is essential for companies to protect their assets. If any organization is found to be at fault for not protecting its data assets, that organization will lose Brand Value, Customer/User Loyalty and Partner’s Trust. While cyber security is our passion, we conceptualized to identify and cure the pain points of the customers in the field of Cyber Security. Hence, WeSecureApp was founded. With over 40 years of combined experience in the field of internet security, we are a dedicated group of certified security personnel offering high-class consulting, auditing and testing in various domains and industry segments.
[H9]: What are those pain points in your opinion, could you give us some examples?
[AR]: The biggest hurdle in providing security solutions is that our customers don’t have enough awareness about security. If I was given a dollar every time someone said "We use HTTPSand our application is secure", I would be a billionaire by now. And the pain points differ from application to application and it is our job to identify those pain points by enumerating the application. A few examples would be, if an application is an IM application then the pain point would be the messages being exposed to some unauthorized person and if an application is a E-Commerce application or a banking application the pain point would be fraudulent transfer of money. Bad programming practices is a pain point as well, which can lead to disasters.
[H9]: You are a relatively young company, but you offer a very wide range of services. Why did you decide to do that, instead of specializing in a narrower scope?
[AR]: With a great team of experts, offering a wide range of services is easy. To provide utmost value to our clients, we offer these many services. Yet, we are specialized in each and every service that we offer.
[H9]: What is your area of expertise in WeSecureApp?
[AR]: I spearhead all the technical challenges that the company faces. I indulge in almost all the applications that we have to provide security solutions for and I focus mostly on understanding the flow of data in those applications, reverse engineer when it is legal and try to find out which parts of the application are the weakest links in the application and then I direct my teams accordingly. My area of expertise is vulnerability assessment, penetration testing and reverse engineering.
[H9]: Your company has a five-point value system, I must admit that’s very unusual. Can you tell us something about it?
[AR]: Our five-point Value system revolves around providing innovative and superior security testing solutions to our clients. Our value system focuses on achieving excellence and providing great value to our clients.
[H9]: You offer mobile, web, cloud, network and VoIP Penetration Testing. Which one is the most difficult to perform, or perhaps the most challenging?
[AR]: The most challenging one would always be anything that has to be performed on a large scale. In the end, it scales down to the complexity of the application or the network.
[H9]: One of your offices is in the USA, why did you choose this place? Isn’t Europe a better place for a new cyber security company like yours?
[AR]: As per our market research, companies in the USA spend more for Cyber Security than Europe. Also in the last few years, Cyber crimes in the USA are growing at double digit rate. However, we are planning to start operations in the UK to focus on Europe and Middle East market.
[H9]: How does India compare to the USA?
[AR]: The Cyber Security market in India is in a very early stage but growing at a decent pace. With the increase of the smartphone market and 3G services across India, I believe there will be a lot of market potential in the coming 3 – 5 years. But, when compared to the USA, India has a very small market.
[H9]: Is that visible in malicious actors’ activity as well?
[AR]: Yes it is visible in malicious actors’ activity as well. Not only our market research but even other's market research says the same.The USA, in comparison with other nations in the Ponemon study, continues to rank highest in its cost of cyber crime at an annual average of $15.4 million per company.
[H9]: Are there any challenges you have to face at the moment?
[AR]: To be honest in India, there are a lot of misconceptions regarding cyber security. There is a need to bring awareness on the importance of cyber security. Most of the companies think that HTTPS is enough to protect their customers or applications from hackers. Educating them is our top most priority and our only challenge.
[H9]: What would you say is the most surprising misconception about cybersecurity that is still present in India?
[AR]: "It will never happen to me"
[H9]: What are your plans for the future? Do plan to extend your company to other countries?
[AR]: Our immediate goal is to hire smart resources in the USA and engage them in Commercial projects. In the next few quarters, we would like to work with government agencies and be their most preferred partner.
[H9]: Any piece of advice for our readers?
[AR]: We all use a lot of services on the web daily. Before using any web service ask yourself if you trust the vendor or not. The privacy of your data must be always protected. So, always only use trusted services and stay safe. If you’re a vendor, then make sure you get your applications pen-tested at least once every quarter and make sure you don’t store password or credit card information in plain text.