E Hacking News had an interesting Interview with Atul Shedage, a Security researcher and CTO of Defencely.com. Here we go,
1. Please Introduce yourself to EHN's readers
Hello EHN World let me take this fragment of a moment to thank you all for this interview. That being said, I’m Atulkumar Hariba Shedage from Maharashtra – Pune. But you can call me “Atul”, as I am mostly known for my short name in the online world.
I am currently assigned as the CTO (Chief Technology Officer at
Defencely.) It is an online platform for detecting, reporting and fixing website vulnerabilities for clients from all over the globe. Nothing pleases us more than being able to render our skills for popular companies, such as;
- Google
- GitHub
- ZenDesk
- RedHat
- PayPal
- Apple
- Zendesk
- Zynga
At the moment, I am in the middle of pursuing my academic career in Masters of Computer Science from Pune University. Besides pushing in boring assignments and taking notes, hacking and critically analyzing online security vulnerabilities is my second passion.
2. Why did you choose to become a security researcher?
Hmmm… this security researcher field wasn’t really planned. I’d say it was my destiny to become known in the online security field. Upon enrollment in the Bachelor Degree program, I had hopes of being one of the best web designers or programmers for that matter.
Back in 2008, I met this guy: Anil, who, later on, befriended me. He gave me the idea of giving online security a shot. As they say, “
You ain’t got nothing to lose if you are going to try.” I put my hunches ahead of me and started taking introductory tutorials from every possible source.
Before you know it, I was drenched in the passion of creating or doing something worthwhile in this field, which is why we are having this interview. Fate and hard work brought me here; destiny brought us face to face
3. Tell me something about www.Defencely.com
Defencely is completely different than any automated website scanning or monitoring service. That’s because we take steps to secure your website before something goes wrong, rather than trying to pinpoint and clean up the mess after the fact. Our security experts have been trusted by dozens of top corporations, Fortune 500 companies and small businesses around the world to provide flexible, lightning-fast responses to security threats the moment they’re found.
What really matters is how we operate and render our services – these two elements are the crux of helping us signify ourselves. Defencely believes that nothing on the Internet is secure, which is the first and the foremost rule of online security services.
Secondly, we not only detect vulnerabilities, but we also provide long lasting solutions / fixes to them. On common grounds, any web security company can detect vulnerabilities. They can get small time scanner software to take the sting out of “manual labor”, if you’d like to put it that way. Defencely team, on the other hand, is able to fix and detect vulnerabilities because of robust knowledge base and real life experience of dealing with such situations.
4. What's your research that makes you especially proud?
Something that has made me proud…? Hmmm <scratching my chin>. I can’t or maybe I don’t want to say for sure about what has made me truly proud… yet. I believe that one can only feel proud when he or she has indeed achieved a lifelong goal.
However, I did stumble upon moments of happiness and rejoice. For instance, being able to talk to big online companies about gaping holes in their security system, contacting big shots such as; “Adam” from Google’s security panel, getting acknowledgements from ZenDesk security team and vice versa – this is what is taking the Defencely team and myself to an unknown destiny in the skies above.
Overall, it is a killer experience.
5. What advice would you give a website admin to secure their site?
As stated a little while ago, there is no such thing as security. Once your product or website has gone live, it is always exposed to unknown threats from all over. I would implore web admins to secure their websites by hiring able security researchers to help stop any possible damages.
Yes, it is true that you can never secure anything to a 100% extent. But, if adequate steps are taken, you can prevent a great deal of hassle in the long run. Also, your security levels will reach a point where so called hackers would have a hard time breaching all the parameters.
6. How did you step in the Information Security field?
It was year 2008; I was freshly enrolled in the BSC 1st Year Degree Program. Within a few months of meeting new people, the subject of online security piqued my interest way too much. I had to do something about it.
I joined forums, read stuff at Google, trained myself through various web security tutorials and never looked back. It was those hours of sheer self-motivation, endless nights of reading, watching and self-mentoring, which eventually paid off in huge dividends.
I also followed a couple of security researchers at Twitter, and made friends with some very interesting individuals. I am thankful to everyone for believing in me and supporting me throughout those tumultuous times.
7. What vulnerabilities have you discovered so far in your career as a Security Researcher?
I have gone through the OWASP Top 10 vulnerabilities, ClickJacking incidents, WASC 26 Vulnerability Classes and etc. Practically speaking, I don’t limit my knowledge to a particular set of vulnerabilities, as I try to learn and discover something new each day.
These days, I’m mostly focusing on collaborating with Defencely and 0 Day Vulnerabilities. So far, the result and the feedback have been quite good. We also reported some vulnerabilities in WordPress Plugin and a Gallery Project that was patched right after we sent notifications to the developers.
8. Where do you see Defencely in a few years?
Right now, it is still too early to say where Defencely would be in a few years. Things look very bright and there are no worse case scenarios to foresee. The reason being is that Defencely excels where others don’t. We are all backed up by very supportive individuals and a set of minds that are extremely proficient in their relevant fields.
Like I said before, it takes knowledge of the unknown and vast experience to report those vulnerabilities that aren’t even discovered yet. We don’t work a lot with scanners. Manual man hours and lots of hard work are going to take Defencely to new heights of stardom in the tech niche industry. The next few years are absolutely going to be rewarding, and awesome.
I have strong faith in Leadership of
Ritesh Sarvaiya, who is CEO of Defencely.com & with his vision I look forward to see Defencely growing leaps and bounce in coming years to come.
9. What is your advice to newbie who interested in PenTesting field?
Newbie testers and ethical hackers are strongly advised to stay motivated. As a friend, I am telling you guys to never give up on your dreams. Keep learning and keep looking for answers. I know it is very easy to partake in words of wisdom but I have experienced adversity in my life.
The key to remaining successful in online security field or anything is to believe in what you’re doing. Believe in your goals wholeheartedly as if your entire life depends on them. By the way, join forums, engage in talking to security panel members and start by reporting vulnerabilities for the sake of helping other individuals on the internet.
Soon you will start getting recognition.
If you guys need any kind of extended support from my end do not hesitate to connect with me on
FaceBook,
Twitter &
LinkedIn
10. It is nice to talk to you. What do you think about E Hacking News?
I think that with a staggering 18K + Facebook users, a constantly updated content database and lots of interesting information, ‘E Hacking News’ is aggressively doing the right thing. You guys are one of the few who believe in creating a buzz with actual reports and not just filler articles.
I’d love for ‘E Hacking News’ to go beyond the horizon and get more recognition from the entire World Wide Web Community. Thank you Sabari and two thumbs up to you for undyingly pursuing your goals on the internet.
11. Is there anything else you like to add?
I’m glad you asked this question. Without mentioning a few names, I would be feeling ethically impugned, which is why I need to give credit where it is due.
Let me thank
Mr. Ritesh A. Sarvaiya; CEO and Founder of
Defencely. With his ingenious thinking skills and a drive to find new talent, Ritesh is always at the verge of creating something new. I believe that he has a brain of a whizz kid because of the way he has been creating teams and helping people discover their true potential.
Followed by that, I’d like to thank Mr. Rahul Varshneya. He is Defencely Advisory Board Member. But trust me; Rahul’s position goes beyond as that of an advisor. He has more than a decade of pure entrepreneurial skills, a knack for mentoring and aiding startup businesses get up on their feet.
Rahul is currently administering several ongoing projects and businesses. There is
Arkenea Technology, a partner to entrepreneurs and clients, who seek professional help concerning mobile apps and businesses. Then there is his invite only membership to the ‘YEC – Young Entrepreneurs Council’, which he is using to guide bright minds.
Mr. Rahul Varshneya is also a writer, and a pretty good one at that. He is a published author at ‘
Under30CEO’,
Entrepreneur.Com and
VentureBeat. His experience is indeed enlightening way for digital marketers and various internet based brands.
Finally, there’s Bilal Malik, who is designated at Defencely as our ‘Lead Content Manager’. Mr. Ritesh scooped him up after believing in his talents at the break of their first online encounter.
Anything that needs to go down in written form, it is always run by this guy. Be it documentation, haphazard survival guides for security service seekers, PRs – I mean anything. Merely calling Bilal: a writer, would probably be unnerving for us.
All other members of Defencely; and people from technical departments are equally acknowledged. Without you guys, and without an amazing team, I wouldn’t have been here today working together as brothers in arms.
Sabari, it was fun answering all your questions. My regards to you and your loved ones. Have a great day