
Seasides Conference: Interviewing Prashant Kv and Parveen

1) Could you please start by telling us a bit about yourself and your background? 

Prashant: Hi, my name is Prashant KV. I have been working in information security for more than 15 years. I started my career as a developer and then transitioned into application security. Over the years, I have managed and led many penetration testing, source code review, and other InfoSec tasks.

I was a part of the null and OWASP Bangalore chapter until 2013. In 2013, I moved to the USA, and I have been living here ever since. Presently, I also manage the OWASP Bay Area chapter. 

Parveen: Parveen, who possesses over 12 years of experience, currently serves as a Product Security Analyst at an organization specializing in bug bounties. His expertise spans various areas, including web application testing, network penetration testing, thick client testing, security assessment of large industry printers, red teaming, and mobile application testing. In addition to his professional role, Parveen is the co-founder of the OWASP Seasides Conference in Goa and the founder of Bug Bounty Village. He has also presented at both the c0c0n and Seasides conferences.

2) What inspired you to start the Seasides Conference? Maybe share a story of how you came up with the idea for the Seasides Conference.  

Prashant: Barring a few exceptions, I have attended almost all Nullcon events to date. During the Nullcon training days, we used to simply roam around on the beaches. At that time, we thought, "Why not do something useful?" The idea came to us: "Why not organize some free events that provide quality education to individuals from humble backgrounds?" Hence, the idea of Seasides was born. We were fortunate that Bugcrowd was our first sponsor, and then we secured good sponsors all along the way. If it weren't for the generous sponsorships and our enthusiastic team, we would not have been able to sustain this event.  

Parveen: The Seasides conference's motto is to offer free cybersecurity training to the community, aligning with the ethos of the hacking culture that believes knowledge should be freely accessible to all. We aim to foster the growth of the cybersecurity community without imposing the burden of conference fees on individuals seeking to expand their knowledge in this field. 

3) What were the major challenges you faced in the early stages of establishing the conference? 

Prashant: Finding a venue within our budget was a major challenge. The first event we organized took place at a location with false partitions and no air conditioning. Nevertheless, people showed up with great enthusiasm, and the event was a huge success. We only determine our expenditure after we have estimates of sponsorship, which helps us keep ourselves in check. 

Parveen: The major challenge we faced was figuring out how to initiate the conference and garner support from sponsors, especially given our limited experience in conference management. Initially, our plan was to provide training to only 30-40 students. However, as things progressed, the cybersecurity community in India expressed significant interest in our event. Consequently, we had to transition from a limited number of students to an open-ended approach while still maintaining our commitment to free access and ensuring the quality of the training materials. 

Over time, sponsors began to place their trust in our initiatives, and they started providing sponsorship. Last year, our conference saw tremendous growth, with more than 500 attendees participating. 

4) What are the primary objectives and goals of the Seasides Conference? Perhaps you can elaborate on the main themes of the Conference. 

Prashant: The main objective of the conference is to provide premium quality training to attendees free of cost. We consider the event a success even if we are able to change just one life. Our event primarily consists of training sessions, the topics of which can help students and professionals enter the field of cybersecurity or master certain subjects. This year, we have each day dedicated to specific skill levels. For example, the first day is for advanced training, the second day is for basic level, and the third day focuses on enterprise security-related topics. 

One of the major fun aspects of the conference is our memes and informational posts. We are fortunate that our core group of volunteers has grown from single digits to more than 50 today. Our volunteering team thoroughly enjoys creating memes and blending humor with technology. 

Parveen: We have consistently adhered to the principle that our conference should revolve solely around the sharing of knowledge. Our traditional sessions on topics such as application security, blockchain security, and car hacking will remain a staple. As always, training sessions, meals, and social events will continue to be free and accessible to all. 

We proudly organize Seasides (https://www.seasides.net), a no-cost Infosec conference in India. The conference's primary goal is to provide high-quality cybersecurity training to everyone, free of charge. Furthermore, we extend a scholarship opportunity of 5,000 INR to underprivileged students, enabling them to participate in this event. 

5) How does the conference contribute to the cybersecurity and technology community? 

Prashant: The main objective is to expose students and professionals to various domains in information security. In addition to raising awareness, our events have also assisted many young students in securing jobs. Our sponsors actively seek out talented individuals, and we have successfully recruited some excellent candidates from the event.  

Parveen: In our own modest manner, we are contributing to the growth of India's cybersecurity ecosystem. Last year, several organizations conducted recruitment activities at our conference and even extended job offers on the spot, including many of our scholarship recipients. We are optimistic that more organizations will recognize the talent pool at Seasides and choose to recruit skilled individuals from our event in the future. 

6) There are several renowned cybersecurity conferences like DEFCON, Black Hat, and our own Indian Nullcon. How does the Seasides Conference differentiate itself from these events? In other words, what unique features or offerings does Seasides bring to the table that set it apart from similar conferences?

Prashant: We aspire to be among the list of conference names you mentioned. Nullcon has done a fabulous job of attracting top-quality researchers from all over the world to India. Nullcon is widely regarded as the best conference in Asia, and many of us have grown and learned through our experiences at Nullcon. 

Our primary focus is on students and young professionals who wish to enter this field. Many students face financial constraints when it comes to covering travel, accommodation, and conference fees. We aim to provide them with the opportunity to experience the atmosphere of world-class conferences without worrying about the cost. 

Parveen: Most of the conferences mentioned above serve as excellent platforms for connection, learning, and networking. However, attending these conferences often comes with substantial financial expenses, which not everyone in India can readily afford. In contrast, Seasides offers high-quality training completely free of cost, making it accessible to anyone on a first-come, first-served basis. 

7) How has the Seasides Conference fostered a sense of community among attendees, speakers, and participants? 

Prashant: As mentioned earlier, our core group of volunteers has grown from single digits to more than 50 today. Even after the conference, team members stay in touch and are always on the lookout to take the conference to the next level. In that way, we are a close-knit community.  

Parveen: Fortunately, all of our speakers have generously offered their training services free of charge up to this point, sharing the same goal of educating and nurturing young minds in the field of cybersecurity. This year, we are introducing a change by compensating our workshop trainers for their dedication and hard work. Additionally, we are bringing in renowned experts from outside India to share their experiences and provide valuable insights to our attendees. 

8) What opportunities does the conference provide for networking and collaboration within the cybersecurity field? 

Prashant: Seasides parties are always legendary, and as much as people look forward to the training, they also eagerly anticipate the Seasides parties. This is a crucial aspect of our networking. In addition to that, we have WhatsApp groups and social media interactions that facilitate collaboration among attendees. 

Parveen: Our conference draws a diverse audience, including both professionals and students, creating a valuable opportunity for mutual connection and learning. To further enhance the experience, we are introducing a Career Booster session at the conference. In this session, esteemed professionals will review resumes and assess aptitude through interviews, providing students with a unique opportunity to gain real interview experience. 

Furthermore, this year, we are introducing a distinctive element by bringing in an English teacher. This instructor will focus on teaching effective communication and interview skills, equipping attendees with essential abilities to excel in their careers. 

9) How do you ensure a balance between technical depth and accessibility for a diverse audience? 

Prashant: We have wCTF, a dedicated Capture The Flag (CTF) competition, to encourage more women to participate in playing CTFs. We consistently have a good number of women trainers and attendees. With a wide range of training sessions, we strive to ensure that people of all skill levels can attend the event and derive value from it. 

Parveen: To create a well-rounded conference experience, we implement several strategies. First and foremost, we curate a diverse speaker lineup that caters to a wide range of expertise levels and backgrounds. This ensures attendees have a plethora of options, from deep technical talks to more accessible introductions. Additionally, we organize the conference into distinct tracks, separating highly technical sessions from those more suitable for beginners. To further enhance the learning experience, we offer workshops and training sessions tailored to various skill levels.  

Our panel discussions provide high-level insights and encourage engaging conversations for a broader audience. Session descriptions are meticulously crafted to indicate the intended audience and technical depth, empowering attendees to make informed choices. Moreover, we foster networking opportunities, enabling knowledge exchange between beginners and experts. Q&A sessions following talks allow attendees to seek clarification and bridge the gap between technical depth and accessibility. Lastly, we highly value attendee feedback, using it to refine future conferences and strike the perfect balance between technical depth and accessibility. 

10) As the founder, where do you envision the Seasides Conference in the next few years? Any plans for expansion or evolution?  

Prashant: We aim to introduce more hardware hacking sessions and invite more researchers who specialize in hardware hacking. This is one area where we aspire to make a contribution and encourage the growth of hardware hacking expertise within India. 

Parveen: As the founder of the Seasides Conference, I am fully dedicated to charting a dynamic and promising course for our event's future. To begin, we are committed to extending the conference's influence well beyond the borders of India. This will be achieved through the inclusion of virtual components and the organization of satellite events across diverse regions, aiming to attract an international audience eager to engage with our vibrant cybersecurity community. Additionally, we will introduce specialized tracks dedicated to emerging trends within the field. These tracks will explore cutting-edge topics such as AI and machine learning security, IoT security, quantum computing, and revolutionary technologies like blockchain. This forward-looking approach ensures that our attendees remain at the forefront of the ever-evolving cybersecurity landscape. 

11) Is there anything else you'd like to share with the CySecurity News audience about the Seasides Conference or your journey as its founder? 

Prashant: A tremendous amount of effort goes into the planning and execution of this event. Beyond the goodwill it generates, we don't expect much in return. All we ask from attendees is to share some kind words on their own accord. Particularly, we appreciate it when they express gratitude towards our sponsors and hardworking volunteers. 

Parveen: My journey as a co-founder of the Seasides conference is undoubtedly rewarding and heartwarming. The stories of students receiving scholarships and job opportunities through Seasides, and how it positively impacts their lives and families, are incredibly fulfilling. It's a testament to the valuable work our team is doing to support and empower the cybersecurity community. The sense of making a meaningful difference in people's lives and contributing to the growth of the industry is a source of great pride and satisfaction.  

12) Lastly, how can interested individuals learn more about the Seasides Conference and get involved? 

Prashant: Certainly, I encourage anyone interested in volunteering for Seasides to check out the website at www.seasides.net and follow their social media handles. You can also reach out to them via direct message (DM) as they are always on the lookout for new volunteers with diverse backgrounds and skills. 

Naavi: Information collected from WhatsApp would be shared with Facebook and eventually be used for advertising

The WhatsApp messenger, which is owned by Facebook, began to notify its users (about 2 billion of them) about an update to its privacy policy. Do you want to keep using the popular messaging app?

On 18 January we interviewed Vijayashankar Na (Mr. Naavi), a veteran cyber law specialist in India, who shared with us his opinion on the new WhatsApp privacy policy and how it affects users.

Please introduce yourself to our readers.

I'm the chairman of a foundation of data protection professionals in India, which is the primary organization in India working on data protection, providing certifications, audit, support and so on. Since 1998 I have been working on cyber law issues based on our law, the Information Technology Act. Moreover, I'm the founder of Cyber Law College, a virtual cyber law education institution. Now we have extended it to data protection.

On January 4, WhatsApp announced that from February 8, all users of the messenger (except for residents of the EU and the UK) will be forced to share their personal data with Facebook — the social network will have access to phone numbers, transaction information and IP addresses. What has changed?

Actually, compared to what happened before, there may not be significant changes. We know that WhatsApp has been acquired by Facebook, but we are not very sure whether the information from WhatsApp was being shared with Facebook. But I believe it was happening in the background which we do not know. But maybe now, because they don't want to take any chances with particularly the GDPR (General Data Protection Regulation) authorities they wanted to actually be transparent about what they would like to do. I think this was driven more by the GDPR considerations to just polish their current privacy policies so that any problems could be sorted out.

WhatsApp wanted to disclose the fact that some part of the information collected from WhatsApp would be shared with Facebook and eventually be used for advertising.

So we all know that WhatsApp is a free app. In fact, it's popularity or growth in popularity was because it was free. But it cannot continue like that forever because there has to be a revenue model for any company. Now WhatsApp has come out to the open and through the new policy has declared what kind of information they are likely to share.

WhatsApp contains two sets of data. One is the metadata - contact list, location, status, financial information and data such as your unique phone ID. So, it all reflects a certain characteristic of persons. That usage information itself is actually a treasure if properly analyzed for the purpose of profiling the person.

As we know from the news, WhatsApp's innovations have already angered technology experts, privacy advocates, billionaire entrepreneurs and government organizations. But the main thing is that they provoked the flight of users. Why did this happen?

WhatsApp made a big mistake in the sense that they did not clarify properly what they want to do. They said that this change is only for business applications. But the pop-up about the update actually came for all individuals who have a personal WhatsApp account. Subsequently, WhatsApp said in a press release that this is only for business accounts, not for individual accounts. Then people asked, "Why did WhatsApp show this particular pop-up to me at all, if it was not meant for me?" It was psychologically very disturbing for people.

Moreover, the problem with WhatsApp today is PR. Actually, they drafted it in such a manner that it would create revulsion amongst the people. In my opinion, it was bad PR: "Take it or leave it". We know that a privacy policy should be written in clear and precise terms that an ordinary person can understand. Given that, WhatsApp should have been a little more careful.

So, it has become easy for people to download Signal or Telegram. And of course in India, there will be a movement to develop our own indigenous apps. So maybe WhatsApp is going to lose more than it perhaps could have.

What do you think, why does Facebook need this metadata?

Instagram and Facebook are now going to be able to show even more targeted ads on Facebook and Instagram, having carefully studied the interests and preferences of users in the messenger. In addition, businesses will be able to accept payments in WhatsApp for products that users have selected in Instagram ads.

Whether we like WhatsApp or not, whether we like Facebook or not, they also have the right to say that they cannot do it as a free service forever. Now, advertising requires profiling; without profiling, advertisements cannot be targeted.

If the person wants to give the information by way of consent, let him give it. So this is a fair game between business interests and personal privacy interests. It's how GDPR is building. There has to be a legal basis.

WhatsApp will read our messages. Is it true?

As it is generally stated, they are not supposed to be reading our messages. Our conversations are encrypted using end-to-end encryption, and, the company says, even WhatsApp itself cannot access them. So, the content is getting encrypted with some device-related ID. So, at the moment it leaves my device, it should get encrypted.

Now in case people actually go for backups, storage in the cloud, then there is an issue. So people should avoid cloud storage and make the backup only within the mobile.

In your article "WhatsApp needs to change its Jurisdiction clause in the Terms or else, exit from India" you said that "WhatsApp has created two different sets of policies, one offered by WhatsApp Ireland Ltd to the EU region and the other by WhatsApp LLC to other countries". How does this apply to India?

In India, on 8 February we were expecting the parliament to pass the Indian data protection law. In my opinion, WhatsApp decided to change the privacy policy on 8 February only to preempt the data protection law.

When I said that "we need to look for a change of WhatsApp in India", it was not because of the privacy issue. That is a question of analyzing the privacy policy, a matter of revising the privacy policy.

My issue was with one of the clauses in the terms of use: jurisdiction. Of course, this is not exclusive to WhatsApp. It happens in many other international web services. The jurisdiction clause says that if there is any dispute between a user of WhatsApp and WhatsApp, then the dispute has to be resolved in accordance with Californian law, in the district court of California or through binding arbitration there. It means that the use of WhatsApp in India is not going to have any grievance mechanism in India. This is not in accordance with our law; our law doesn't permit it. It is almost denying the government's interest. I'm not happy with that. I would like that to be changed.

Will you continue to use WhatsApp, or have you changed Messenger?

In our professional circles, actually, we have made some moves. Many of the professionals prefer Signal. Of course, some people prefer Telegram a bit more. Earlier, Telegram was the most used platform due to the number of people allowed in the groups. In fact, we were thinking of shifting our FDPPI group to Telegram.

What can you recommend to our readers?

If somebody is going to have serious professional discussions or financial discussions, then obviously they should look at shifting to Signal. If it is purely personal, family discussions, you can keep using WhatsApp. So, you need to make a distinction between personal use, family use and professional use. If you want 500 people to be in your group, then you have no choice but to leave WhatsApp. If it's a small group that handles confidential information, you need to change to Telegram.

We've covered quite a bit in this conversation. Before we wrap up, is there anything else you'd like to add?

The only thing I want to say is that we need clarity amongst ordinary people on what privacy is and what it is that we are willing to protect in privacy. It is not absolute protection. It is always the protection of choice. And even if you shift from WhatsApp to Telegram, we don't know whether Telegram will remain free forever.

I feel there is a need for this harmonious relationship between the users and the organizations that make use of the data. And that is the purpose of the data protection law. And when we interpret data protection law, again, we should not be totally one-sided. That is the beauty of this issue, balancing the whole thing.


Active Cypher: Great Deal of Orchestration of Our Intelligence in AI into Existing Systems

 
Active Cypher: The company is built upon a socially responsible fabric that provides information security for individuals and corporations in an increasingly complex digital age. The guests for the interview were Mr. Michael Quinn, CEO, and Mr. Caspian Tavallali, COO, of Active Cypher. Active Cypher's Ransom Data Guard utilizes a combination of Active Cypher's proprietary encryption orchestration, smart AI, and advanced endpoint protection.
 
Please tell us about your company Active Cypher? 
 

I am Michael Quinn, CEO of Active Cypher. We are a data protection company; we have an ethos within a company that the data needs to be able to protect itself wherever it is created. We have built a product line that offers those capabilities of protection against ransomware attacks through protecting data at the file level in the server environment and in the cloud. What our product allows us to do is be crypto agile. We can work with numerous encryption schemes. Once we are installed we basically back out of the situation and allow the client to run and trust their own data. 

 
Your company talked about game-changing software “Ransom Data Guard” that will protect organizations against ransomware threats. Please describe more about it. 
 
What we developed is a capability based on understanding what ransomware has to do in order to take control of the device in a user environment. We built the product just before Covid-19 and the work-from-home culture started, and we realized that people are using shared environments on the same device at home. So we basically allow the organization to encrypt the data down to the device level and protect it. The ransomware protection that we provide basically allows us to manage the files in such a way that they are not accessible to external sources like ransomware. We put this product along with our Cloud Fortress product to make sure that we were meeting compliance regulations. What we found after working with the law firms is that we allow companies to meet compliance through this capability if the data was ransomed or even if it was exfiltrated, because we encrypt the data, so the actual data itself is useless. On the ransomware side, the beauty of it is we allow a lot of flexibility in how the data can be stored and used.
 
Besides ransomware protection, what are the other solutions Active Cypher provides? 
 
We do a great deal of orchestration of our intelligence in AI into existing systems, we integrate into Microsoft tools as well as we have APIs that can write to any of the tools that are out there. We don’t bring in to replace anything or add to anybody’s burden, we integrate into it with our information.  
 
Let's say somebody opens a .doc file, or loads up a .doc file that contains an exploit. How do you handle that?

If somebody uploads an exploit or malware and it's opened, then because of the process we use to interrogate the document for its integrity, we will stop any process that is trying to intervene with the environment and we'll put a warning out. What will happen is you'll get an alert from us. Let's say you open up WannaCry as an example: you will get a screenshot saying "your device has been ransomed." The reality is you can still open all your files. What we do is, with our Cloud Fortress product, we do a real-time backup.
 
At a time when hospitals and medical institutions are struggling with Covid-19, how has Active Cypher protected them from ransomware threats? 

In most of the hospitals and medical environments, their IT staff lacked the sophistication to understand what was happening. Earlier, the attackers were not really trying to damage the data, they were trying to ransom it and return it. Now what the attackers are doing is, that they are actually getting into the environment and not going after the data because most of the hospitals have upgraded their capabilities along with using our products. Now, the hackers are attacking the IoT (internet of things) at the device level, which is more life-threatening. What we have done to help healthcare institutions is basically putting a “Data Guard” which is the stand-alone ransomware product on devices. 
 
How do you handle the GDPR (General Data Protection Regulation) and Privacy requirements when it’s the home environment? 

With "Data Guard," the way the product is designed, it can be installed on a consumer device. In that environment it allows people to protect what they have on their device, whether personal data or business data. And that's the simplicity of Data Guard: the fact that it protects your device and the files on it and ensures that ransomware can't launch successfully.
 
With cyberattacks rising, is there any advice you can give to our readers on cybersecurity? 

Everybody has to be aware; you don't have to be afraid. With the stress of work, particularly in this remote work environment, the user has to be more diligent. So, ease of use and awareness are probably the keys to maintaining good data hygiene.

Interview with experts who lead the project ONTOCHAIN

On 9 November E Hacking News conducted an interview with experts from different parts of the world who lead the project ONTOCHAIN. It is a new European-funded project with the goal of empowering internet innovators with a novel software ecosystem for trusted, traceable and transparent ontological blockchain-based knowledge management. This three-year innovation project will distribute a total of 4.2 million euros via three open calls in order to build the ONTOCHAIN software ecosystem.

  • Please introduce yourself to our readers.

Caroline Barelle: I'm Dr. Caroline Barelle, the Coordinator of the European project ONTOCHAIN. I am working for European Dynamics (Luxembourg), one of the seven partners of the ONTOCHAIN project, from six countries with complementary expertise, that form the core of the ONTOCHAIN ecosystem: University of Ljubljana (Slovenia), IntelliSemantic (Italy), iExec Blockchain Tech (France), Athens University of Economics and Business (Greece), the German Hellenic Chamber of Commerce and Industry (Greece) and F6S (Ireland). ONTOCHAIN is also part of the Next Generation Internet initiative that is currently being developed in Europe, with the ambition to ensure that the development and progressive adoption of advanced technologies, concepts and methodologies contributes to making the future Internet more human-centric, particularly in these times of crisis.

Vlado Stankovski: I'm the scientific and technical coordinator of ONTOCHAIN. I work as a Professor of Computer Science at the University of Ljubljana (Slovenia). Actually, our earlier initiative was the Human Centered Cloud, which we developed under the IFIP organization, established in 1960 under the auspices of UNESCO. The idea here is that the Internet in the past couple of decades has been governed by pretty strong software companies around the world. And now what we want to achieve with the Next Generation Internet initiative is to include in the core protocols of the Internet mechanisms so that people can rely on and build on their historical and cultural achievements gained in the past couple of thousand years of European history. For example, the Internet backbone should support pluralism, diversity, democracy, human rights and other aspects like this. So, we are very much engaged in this type of activity.

Miguel Gonçalves: I'm EU projects manager at F6S (Ireland), a company that has become the largest tech founder community. We are supporting the ONTOCHAIN project, making sure that we deliver all the money that comes from taxpayers to the best applicants who will participate in the open calls; this is very important. So we will make sure that we find the best innovators to join us to build this novel software ecosystem called ONTOCHAIN.

  • How Would You Describe Your Project?

Caroline Barelle: So from a general point of view, this project is funded by the European Commission under the program ICT-54-2020, blockchain for the next generation internet. The idea is to empower Internet innovators to co-develop with us a novel software ecosystem that will provide trustworthy and transparent applications for knowledge and information management as well as for knowledge, information and service exchange. We will do this via three Open Calls implemented successively over a period of 3 years, with a total budget of equity-free funds to be distributed to third parties of €4.2M. The first Open Call is dedicated to the conceptualisation of the ONTOCHAIN ecosystem around six axes: Applications, Semantic Interoperability, On-Chain Data Management, Off-Chain Data Management, Ecosystem Economy, and Ecosystem Scalability and Integration. It is actually open for innovators now. The second Open Call is about moving from the concept to transferring the relevant specifications and developing appropriate applications for vital sectors of the economy (eScience, eEducation, eHealth, eGovernment, eCommerce, eTourism, eInfrastructures), which will then be tested and validated during the third Open Call.

Vlado Stankovski: From my viewpoint, we have funding to build a software ecosystem that will be built and used by stakeholders that share our common goal, which means to improve the Internet protocols in a way that people can trust the knowledge and information that is being generated, stored and shared among individuals and organizations on the Internet. And, by doing so, to enable many dynamic, semantically complex and heterogeneous ecosystems of resources and actors that would underpin our future smart and sustainable society.

This project follows the general idea of the Semantic Web, which is to deliver trust by delivering a Semantic Web technologies stack which is now part of the World Wide Web. You probably all know about the initiatives of the World Wide Web consortium, such as the Web Ontology Language (OWL), and other initiatives like this. And the ultimate goal of this technological stack is the trust between the different parties that share knowledge and information on the Internet.

Now, in our ONTOCHAIN project, what we want to achieve is to design and integrate an additional technology, which is coming from the area of blockchain. Blockchains have proven that people can trust them, because people already do monetary transactions across the world by using different types of ledgers. Blockchain is a shared database of transactions. In a way, this resembles ontologies, which are shared conceptualizations of physical or abstract entities or a shared organization of human knowledge. With these two database and knowledge base technologies put together, what we hope to do is to “marry” the Semantic Web with blockchains and, by doing so, build a new software ecosystem that would improve the trustworthiness of content and information on the Internet.

Caroline Barelle: What I would like to add is that one of our goals is also to integrate ONTOCHAIN into a specific legal, regulatory and ethical framework that is currently being thought over for blockchain and smart contracts. Standardisation and interoperability are also important aspects of what we are doing.

  • What do you mean by ontological knowledge?

Vlado Stankovski: Ontology is a shared conceptualization. We as humans have shared a lot of concepts together. For example, the concept of a car is the same concept in Japan, in Europe, in the United States and in Latin America, all over the world. We know that carriages and later cars have existed for several thousand years. Carriages have been run using horses, but today we have battery-run cars and so on. Yet, we have the concept of a car. So, having these concepts shared helps improve the interoperability of applications: the data which are stored by one application can be sent as input to other applications, and easily understood by the other applications. An example of a computer language that helps solve such interoperability problems is the XML (eXtensible Markup Language) of the W3C, which is part of the already mentioned Semantic Web technologies stack. At a practical level, this helps applications communicate information among each other. Ontology languages may be used for more complex specifications of the knowledge that we have about different concepts, so that we can share the same understanding among applications and among each other. We can describe the concept of a car, but we can also describe concepts such as news items, elections, and artificial intelligence methods in all their complexity.

  • Who will benefit from this project and how?

Caroline Barelle: We are, in fact, looking for innovators, developers and Internet experts. They will be our partners in co-developing the ONTOCHAIN ecosystem. Apart from the equity-free funding, they will also benefit from mentoring from worldwide-recognised experts in the diverse fields related to ONTOCHAIN. The added value for them would also be a gain in visibility and community building with other innovators, industry and potential investors.

Vlado Stankovski: The inclusion of semantics into blockchains has the potential to open immense possibilities for new smart applications in practically all domains important for people, life and nature around the world.

Existing applications already use blockchains to record hashtags of documents in order to ensure the immutability of the information, which is stored off-chain. Now, imagine that more complex semantics, which means complex structures representing important concepts such as trustworthy news, elections, automated doors and cars, are being recorded on the blockchains. This would make it possible, for example, to commit to specific ontologies and consequently commit to the same democratic rules, for example, when distributing important news, going to elections, or sharing cars. Once the common rules are specified on blockchain, on ONTOCHAIN as a matter of fact, that would enable people to follow the same rules that have been democratically agreed among each other. So, ONTOCHAIN enables organizations not only to establish the common concepts and facts that can be trusted, but to rely on diversity and on democratic and pluralistic means when engaging in very dynamic, semantically complex ecosystems in practically all domains. Our goal is to support the smart specialization wave, which is at the heart of the European Horizon 2020 programme of research and innovation.

Miguel Gonçalves: So, there are three levels of beneficiaries. The applicants who take part in the open calls and receive funding, support and mentoring. A second line of beneficiaries will be all the innovators who will use this novel software ecosystem to build new applications and software. And finally, the citizens who will benefit from trusted, traceable, and transparent solutions. This will be the end goal of the project.

  • How might your project evolve over time?

Caroline Barelle: From our viewpoint, even if ONTOCHAIN is a three-year project, we foresee sustainability for this ecosystem and we hope to make it last forever, as far as possible. This is the goal.

  • You announced your project publicly 2 months ago. Did you get the expected response from the public?

Vlado Stankovski: Yes, it is fantastic. We have received really a lot of interest from people who work on different aspects, for example, from the viewpoint of ontologies and the Semantic Web. We know there are several tens of thousands of researchers in the world working only on the development of the Semantic Web technologies stack, such as the Protégé community and other innovators. Then, from the blockchain viewpoint, many hundreds of people have already expressed their interest. Moreover, from the viewpoint of cryptography, experts in post-quantum cryptography, and in security in general, have shown their interest. We have some interest from the United States, from people who lead blockchain projects for defense agencies and many other domains. I would say this technology has a lot of perspectives. That's why it has already been recognized for funding as one of the key blockchain projects for the Next Generation Internet. It is amazing that we received so much interest from different experts. And this is what we need in order to be able to build something new and useful for the future generations of users of the Internet.

Miguel Gonçalves: As mentioned, the project just started two months ago. We already had the opportunity to promote five ONTOCHAIN TALKS, now available on YouTube, and other events. In terms of applicants, the open call is not launched yet. It will be launched very soon, on the 16th of November, and will be open for a period of two months. And we then expect to receive a lot of high-quality applications from all over Europe and the 16 H2020 associated countries.

  • Are you going to launch your own blockchain? 

Vlado Stankovski: On the baseline of our ONTOCHAIN architecture we have Interledger. Many smart applications would use private and public blockchains. For example, a smart car may move from Ljubljana to Vienna and would enter the transactions there. Some, but not all, data generated in Ljubljana may be needed in Vienna. We need to convey the higher-level semantics of the Ljubljana transactions and to move that to another smart environment, such as Vienna. This is the key idea of how Interledger will support ONTOCHAIN’s semantic transactions. We have an architecture for this that is made of four or five layers. We have applications for trustworthy content handling and information exchange, we have application protocols, then we have ONTOCHAIN protocols, and underneath this we have Interledger. In short, ONTOCHAIN is not a typical ledger, as one may think.

  • As I understand, you'll work on Ethereum and Hyperledger?

Vlado Stankovski: For the time being, but we also have some other people who have attended our meetings, for example, from Tezos and other ledgers. We are really not restricted to a few particular ledgers. This project will deliver some showcase applications in the short term, but it intends to open an area of new research where the semantics is shared among blockchains. We would like to see the generation of a new type of blocks that we call ONTOBLOCKS.

  • Would you launch your own tokens or is it just purely application?

Vlado Stankovski: Our partner company iExec Blockchain Tech (France) already has tokens, which will be used in one area. However, the point is that we want to support a variety of ecosystems. The idea is that by using our ONTOCHAIN software ecosystem, one can establish their own applications that include trusted knowledge management mechanisms. Instead of just recording hashtags, one can record more complex semantics on blockchains. One key challenge in the project is how we make the interface between what is trusted and resides on the blocks and what is inherently trustless, I mean the sensing environment, the data and information, and the decentralised oracles that reside outside the blockchains.

Any ONTOCHAIN stakeholder can, of course, launch their own tokens and do business. One topic of our first open call, topic number five, is devoted to the development of new economic mechanisms benefiting from trusted knowledge management.

  • And how do you deal with the censorship of anything that might be required in any sort of network like this, or would it be totally trustless? 

Vlado Stankovski: Censorship in our context is rather a new ONTOCHAIN infrastructure supporting diversity, pluralism, democracy, human rights, sustainability and other historical achievements of humankind. Imagine that the resulting infrastructure will be a forest of ONTOBLOCKS, or rather an ONTOBLOCKS graph. This means that our key achievements as humanity can be built into this trusted knowledge management structure. This is the key technological idea of the project. It is not the same as the current World Wide Web, which is currently governed by a few big players.

  • We've covered quite a bit in this conversation. Before we wrap up, is there anything else you'd like to share?

Caroline Barelle: Just that we are actually calling for all Internet researchers, innovators and developers, whether from high-tech companies, academia or natural person(s), to be part of this adventure with us!

Interview with Shanmugavel Sankaran, founder of FixNix - The Entrepreneur who sold his house

Shanmugavel Sankaran has previously worked with Microsoft and IBM in a variety of information security and compliance management positions. Now Sankaran is the Chief Nixer - the founder of FixNix Inc for the last 8 years, a cloud-based Governance, Risk and Compliance (GRC) company. Apart from the GRC suite, FixNix has analytics products that span five major risk assessment components across different domains: audit management, risk management, asset management, business resiliency, disaster recovery, policy management, incident management, board governance, and privacy governance.

In his interview, Sankaran shared with us moments from his biography, the company's history, and his personal life.

• Mr. Sankaran, do you remember how and when you started taking an interest in computers and cyber security?

I started during my Microsoft days. I was a Database Administrator at Microsoft and I ran the Web Application Security Team for Microsoft, and afterward, I had a lot of interesting things to do at Microsoft. And then I worked with IBM. I had a couple of interesting goals managing cybersecurity architecture and a few other things for an e-commerce platform as their CISO. It's been an interesting journey.

• Do you remember when the first idea that led to the creation of the company FixNix came up?

During my IBM days, I was trying to solve a couple of problems. There were a lot of opportunities with respect to web application security. And I saw that governance, risk and compliance was also a very important problem. I thought, okay, these are two problems I should seriously look at. So, when I became a kind of a start-up guy after quitting IBM, I went to act as a chief information security officer for a brief period. I was trying to procure a GRC for them. I couldn't buy one at the sub-50-thousand-dollar price point. It was a good, interesting opportunity to "jump ship" and build.

• What have been some of your biggest challenges?

I think entrepreneurship is a roller coaster. People usually say capital is the issue, but now, after running the company for eight years, I understood that capital is, okay, one of the issues, but not always the issue. So, I figured out that product-market fit is the issue. It's about time. You need first to ship someone some version and then subsequently go to market again. You keep building it until the market says that it's the perfect solution. So you keep doing that. For me, it was one interesting thing I found in entrepreneurship, which is very exciting stuff compared to Microsoft and IBM.

• How did you get funding for your business? How did you find investors? 

I started out of India. It was a bootstrapped company in the initial days, subsequently incorporated in the US, and then became a US corporation.

So, the initial days, as we know, are a lot of trouble. I mortgaged my house to raise debt from the government of India. The initial first capital was 150 thousand dollars. Subsequently, we got some capital from friends in North America, Europe, the USA, etc. So I think that helped the company scale.

But it was only after three years that I went to raise some money. We have now raised up to a million dollars. We have 30+ investors.

• In your profile on LinkedIn, you described yourself as “the entrepreneur who sold his house”. Why did you do it?

Yes, finally, I sold my house and infused a quarter of a million dollars into the company when we raised a round. Now, this is how I officially got the title of the entrepreneur who sold his house.

• Your headquarters location is in California. Why did you choose the US?

The cybersecurity ecosystem is very mature in the US. We considered the optimal outcome that we can get for all of our existing stakeholders and investors. It was the primary reason to have the US headquarters. We have a subsidiary in India already, and also in Canada and Singapore.

• On your website, you said: "I am extremely grateful to my Nixers”. Who are these Nixers? 

I actually always called myself a Chief Nixer from the initial days because I always feel that we are all in this together. There are problems that we are nixing; nix means destroy or eradicate. We wanted to nix, eradicate, compliance issues through the process platform.

So, I always called myself a Chief Nixer and called all my colleagues Co-Nixers. We have now had more than 500 people who travelled with us through the journey for eight years. We had a fantabulous amount of engineering talent which came and helped us.

Now we have twenty+ engineers who help us at this point in time, and we are a predominantly engineering-driven organization.

I have one person whom I want to call out: this is my life partner, Kayalvizhi. She was not a co-founder at the initialization; one of my friends was supposed to be a co-founder. She became co-founder by no choice, because he didn't come, but she joined me when we moved here to set up shop in Chennai.

And then subsequently, as she was an engineer, she came to help me at one point in time to organize a team and a bunch of things. Then she helped me for a couple of iterations, and subsequently, after we got some capital and some external help, she took a back seat again because the kids were growing. We have two nice, demanding daughters, Hasini & Nila.

But again, after the restructuring exercise, when we went through a troublesome time, she came back to help. I'm very fortunate to have her as a co-founder, because I think it is the greatest privilege I can have; all of it happened because of her.

• FixNix has launched Polytechnic university. Is there an opportunity for talented people to enter this university for free? 

I think the university model that we have is a very globally proven internship model. I think we have been consistently doing this for almost the past eight years. So, during that time we trained more than 300+ engineers. The primary thing that we do is try to make them good full-stack engineers.

And we don't mind which college they come from or what graduation status they have. We have a lot of people from rural India. Sure, education is free, with a stipend.

• Do you provide work for students of this university in your company?

Yes, we convert close to 30% of the people to full-time employment. They have opportunities to work with us. From my point of view, we hire more than what we need. But we make sure that we take a lot of interns, because we take care that these people can go and work somewhere else afterwards. We want to help the people, young talents. I strongly believe in young talent because I started as a young talent at Microsoft. I'm very fortunate and grateful to Microsoft for what I gained over there when they gave me the opportunity as a young graduate, so I still want to pay it forward and help people to have the same access to get exposed to modern technologies, agile programming practices and modern web application security practices by working at a cutting-edge technology company like us.

• What is the distinctive feature of your company from others on the market?

Eight years before, when I made the statement "We want to be the Salesforce of GRC", everybody laughed at us; nobody believed that this would become reality. We are a pioneer in this industry, and nowadays the whole industry acknowledges that we are the first ones who discovered this business model very deeply.

• FixNix was incorporated exactly 8 years ago (November 2012). How has your product changed over the years?

We had just a couple of products in the initial days, such as audit management, risk management, audit and compliance. But now we have got all the different processes as products in the GRC platform. We have also got the AI technology, a kind of predictive analytics. We have got Blockchain Whistleblower, regulatory risk data in 3D, and technology products on which we have collaborated with the large global banks. So, we certainly believe we have gone a little far ahead of the competition. My opinion is that we have set a very great example for the whole industry.

• What's your research/product that makes you especially proud?

I'm really keeping my fingers crossed and looking forward to the Blockchain Whistleblower. So in fact, we tried incorporating that as a separate company. At the start of this year, the plan was to raise more capital for that and then scale further with a separate engineering team and executive team, but we are just trying to hold on because of Covid-19. So hopefully, I think, we may get back to work on it by 2021.

Blockchain business has huge potential. In Blockchain Whistleblower, employees can speak up without worrying about retaliation, and in a very, very fair manner. Organizations will be able to change their culture and then their environmental, social and governance (ESG) indices because of this.

• Blockchain is the future?

Of course. As a cyber security person, I believe it's one of the modern forms of data encryption at the transport layers. So it's going to be the future.

• What do you think is the greatest achievement/award of your company that makes you especially proud?

We are really proud of RegTech 21, because we got selected as a top 21 among global competitors who have raised $250m in capital.

• What do you think, why many companies save on their security?

Yesterday I gave an interview to a leading media outlet in South India about the Egregor malware. I think investing in cybersecurity is like taking insurance. Until we die, we don't know the use of insurance. People cannot die every day to make sure that they really have the benefit of the insurance. People may not be able to see anything immediately, but when they get malware or some attack, they start to care.

Covid-19 is the best thing that happened for cybersecurity. Everybody is now able to understand the need for business continuity, disaster recovery, VPN, antivirus, and that nobody is safe.

• In recent years, many leaks from Russian banks have occurred, and fraudulent schemes using social engineering have increased in Russia. According to your professional vision, which products from FixNix can you recommend that can solve the problem in Russian banks?

We have 12 different products. They are very useful for banks, because it's an entire end-to-end suite for cybersecurity. If it's a small bank, it can very well start with compliance, audit, risk. Then they can go on to asset management, business risk management, and then policy, a lot of those things: resiliency, business resiliency.

So I think we would be very glad in case the Russian banks are open to engaging a player headquartered in the US, operating out of India. So we will be very glad to help them. What they need to do is just contact us on FixNix.co.

• What are your future plans? What is your 10-year goal for the business?

I think if everything goes right, we have a lot of prospects and opportunity to become a billion-dollar company making hundreds of millions of dollars in revenue. So, there's a huge opportunity. There is going to be competition, but I think we as a pioneer have some competitive advantage. So we just keep our fingers crossed and wait.

• You are not only a successful businessman, but you are also a writer; you have written a book, JUMP-STRAPS: 26 Secrets to Bootstrap Your Business. Can you share more details on this book?

Yeah, so I think I'm a great believer in bootstrapping. Bootstrapping the company means you either build the product with the customer funding it itself, or, with whatever small capital you have, deploy and scale the company. So I wrote a book around four years ago. There are 26 different aspects of bootstrapping in it. It's available on Amazon. So, anybody can take a look and then give their feedback.

• If you had a crystal ball, what do you think will be the biggest change in the cyber security industry this year?

I think the biggest change in cybersecurity is about culture. Previously the culture part was missing; people were not talking about security. Now they are starting to talk about security through committees, subcommittees, etc. Things will be in better shape.

• What is your advice for new startupers?

Focus on the problem statement, and keep investing more time in validating it. Don't always think that capital is the only issue, because you didn't look at the product-market fit. You need to go to the market and keep talking to a lot of people. Do proper market research.

Spending a lot of time on personal study is the only recommendation I have for people.

• What qualities do you think are necessary to work in the cyber security field?

Every cybersecurity person should have attention to detail. Okay, you are sitting at a table, and there's a small corner which is broken. Don't leave it broken. Try to understand why it's broken and try to understand the reasoning behind it, how it might have happened. When you become a cybersecurity person, you will become a cybersecurity person for life, not only professionally.

• Is there anything else you’d like to share with our readers?

The one thing I want to share about is mindfulness. Now there is Covid-19, stress, anxiety, depression. All of us are going through tough times, so try to follow mindfulness. There are courses and books around it. It's about physical health & focusing on breathing and a few other things. It's about the mind. So focus on your mind; first is the body and then the mind. With respect to the mind, try to do yoga or a few other activities. Try to create a schedule for 1 hour in the morning or in the evening. If that's not possible, try to do even half an hour. You can combine some of your walks with business calls. Please try to create a schedule for becoming mindful. That's it. That's the only request I have for everybody.

An Interview with Mr. Dependent of Defencely.com: Tushar R. Kumbhare

1. Introduce yourself:
Hello EHN readers and everyone else from the World Wide Web community, I’m Tushar Rajhans Kumbhare from India. Probably, your next question would be related to my work, so here goes: I am pursuing a B.E. degree in Telecommunication & Electronics.

At the moment, I am awaiting my study completion, which is going to take a while. However, what I actually do right now, and something that has become my destiny as of the last few weeks, is my role as a Security Analyst and Pen Tester at Defencely.Com.

I am too chatty, aren’t I? To cut it short, Defencely is India’s number one and upcoming online cloud penetration services company. Prior to joining their team, I was independently working as a security researcher, and got several awards of recognition from:

• Microsoft
• Apple
• Adobe
• RedHat
• PayPal
• ZenDesk
• Weraki
• Avira
• iFixit
That’s about it… I guess.

2. How did you get into Information Security Field?
Yeah, that is an interesting tale. Generally speaking, I belong to the modern generation, where kids are fascinated with the idea of computers, website hacking, security intrusion, whether good or bad, and reverse engineering. I guess it kind of gives them a sense of control and purpose in life.

However, there are hardly any cases when these “kids” grow up to pursue their dreams. I, for one, loved the idea of computer and website hacking. Not that I was a hardcore hacker; I did things ethically and wanted to become part of the good guys’ team :P

I just got my laptop 3 years ago. Before that, I was using computers at par level. It is unbelievable, right? It took me 3 years to get better at online security penetration-related stuff. As the story goes, there I was in my 2nd semester’s programming class. They have that mandatory C language course for everyone.

The first day when I was in the C language lab, I was the only student sitting in front of a computer that wasn’t even powered on. How so? I didn’t know how to turn that “darn PC” on. The snobbish teacher walked up to me, thinking that I was just wasting her time, and said, “Why don’t I see you writing any program like the rest of the class?”

I hesitated. By then the dialogue took a wild turn when I admitted to knowing nothing about powering on computers. Her words, “What” and “Get out of my class, young man”, still echo in my head. Besides, I was the laughing stock of the entire university for about two weeks.

My parents were very supportive of me. They spent a chunk of their savings to buy me a laptop. Since then, I have been pursuing my fascination, which is computer and website hacking. From then on, I scavenged all kinds of knowledge about Hall of Fame security acknowledgements.

Hard work and persistence took the better of me, and there I was, trying to get listed on these company pages.

3. Why did you choose to become a Security Researcher?
Curiosity is the harbinger of dreams - (I just came up with this quote myself. Dibs on that) I already said that security research always inspired something in me. Therefore, I set off to develop my “how stuff works” mentality. My long term goal was to get listed in various websites’ Hall of Fame pages. They have these pages set up for security analysts; anyone who points out a vulnerability in the system.

But it wasn’t easy. Endless nights and countless hours were spent to achieve this dream. I worked diligently and was finally able to become a part of a society that believes in making the internet a better place for all.

4. How did your first vulnerability report go? How did you find it and what did it feel like at that time?
I’m very glad you asked that question. No one forgets his first encounter with a big company. For me, it was Microsoft back then. After detecting a vulnerability in their network, I reported it without any hope of seeing my name in their website’s Hall of Fame section. Time went on, and one day I got confirmation from the guys at Microsoft. They thanked me, as their company’s custom goes.

It was the most wonderful moment of my life. I was ecstatic, speechless, happy and downright surprised at myself. The incident sparked confidence in me and motivated me to pursue cloud penetration professionally.

Here I’d love to tell all aspiring security analysts that you are your own boss. The so-called “experts” will not only laugh at you, but they’ll also refuse to help you. People hardly part with their knowledge in this field. Therefore, you have to work hard, and one day you’ll overcome your dreams.

5. What's your research that makes you especially proud?

3 months ago was a “Bug Hunting and Reporting” season for me. I’m not talking about pesticides and actual insects lurking around; it was kind of a virtual online thing. Jokes apart, it took me a lot of time to cover the gaps. No one guided me or helped me; all upcoming security researchers know this by heart.

The crux of my research is to manually scan any online resource for security threats, and then report it to the concerned authorities. Other than computer-related stuff, I also submitted a research paper on Einstein’s Theory of Relativity in 12th Standard. They thanked me and gave me a certificate. I guess this “research” factor comes to me by blood :P

6. How do you feel after being part of Defencely?

How did I feel? I can’t put my feelings into words. First of all, Defencely is the only cloud penetration services company that purely hails from India. There are others too, but most of them are headquartered in the U.S. of A., with some team members scattered around in India.

So it was a big deal for me to be a part of a network that belongs to my country. Defencely also inspired me to chase my dreams with due diligence. Besides that, my parents were damn proud of me… at last. I was kind of a lazy bum in studies, so my dad started doubting my future. I’m going to dedicate the rest of my time and effort to Defencely and brute force ethical standard hacking.

7. What is your advice for new bug hunters?

Dear brothers, I know it is quite easy to give advice, but bear with me. As an upcoming security researcher of high caliber, you have to throw yourself at it. No one is going to teach you or hold your finger.

Keep in mind the high competition factor and make the internet your new teacher. On your way, you’ll meet all kinds of people. Some of them will vow to help you, but they won’t. Others, though EXTREMELY rare, will give you in-depth knowledge about hacking and security assessment. That’s about it. The rest of the stuff you’re going to have to handle on your own.

Stay motivated and don’t lose hope, no matter what kind of field you are interested in. By the way, start immediately with OWASP standards. Move your skills across WASC classes and learn anything that any online tutorial has to churn out.

Got it? Why are you still here, then? Go and start your work!

Here’s another one of my chin-up speeches for you: To be successful in this field (or any field) you must have a positive, “can do” approach in life. Don’t let haters and their negative energy take you down. You will feel like a loser every now and then – this happens, but don’t give up on anything.

As a matter of fact, you can connect with me on:


8. What do you think about E Hacking News?

EHN is a great opportunity for anyone who is connected to the internet. Granted that you are contributing to someone or something and it is related to the scope of this website, talk to their super friendly admins. They will love to interview you, expose your skills to the world, and help you meet fellow community members.

Already EHN has created buzz with its published content. I can only wish you guys all the best for your future endeavors.

9. Is there anything else you’d like to add?

I would like to add a few things here. First of all, a very special thank you note goes to Mr. Ritesh A. Sarvaiya, CEO and Founder of Defencely.Com. His character and role definitely surpass those of a CEO, which itself is a big responsibility these days.

Ritesh Sir (as everyone likes to call him) has a knack for finding talent all over the world. One thing that I love about him is the fact that he is one of the very few people who would go to extremes to give your destiny a shape. As long as you have the talent to show for it, and something that Ritesh Sir can work on, you’ll have it.

Atul Shedage. To me, Atul is like a brother and a great mentor. He is CTO (Chief Technology Officer) at Defencely. We have already heard a lot about him. He is the youngest Indian CTO to receive multiple awards of recognition from many online companies.

Lastly, I would like to thank Sabari Selvan, EHN website webmaster and owner. Without his unmatched support, I wouldn’t be here talking about my dreams and everything that you just read. Thanks Sabari, and good luck to you with whatever you are up against in life. A bunch of appreciation also goes to the entire Defencely and EHN panel. You guys rock.
