“Till every web application has the capability to secure itself with accurate risk assessment and instant risk protection and continuous monitoring, we will continue to innovate, reach and help customers.”
Today, application security has become a complex issue as digitalization advances and applications become vulnerable. On the one hand, businesses have a pressing need but do not have the time, expertise, or resources to secure the applications continuously. Indusface helps address this issue by not just providing their unique products but also managing them continuously for the customer to focus their time on their core business.
Indusface is a SaaS company that secures critical Web applications of 2000+ global customers using its award-winning platform that integrates Web application scanners, Web application firewall, CDN, and threat information engine. The company has culminated as the security expert who proactively monitors client’s application security risks, mitigates those risks, and provides 24×7 monitoring and managed service to keep them secured all the time.
The core of Indusface is the Product IP they created to provide on-demand automated web application security assessment, offer real-time web application firewall and security protection with a managed service included in their license and 24×7 support. The Product IP delivers deeper on-demand manual security assessment and feeds that back into the product for more automation, gives false positive monitoring, and feeds that back into the product for better out-of-box signatures and policy. It can also integrate the scanning and WAF products to learn from each other, providing updates to protection based on scanning results and scanner updating itself to increase coverage based on WAF live traffic feeds.
According to Venkatesh Sundar, Founder & Chief Marketing Officer of Indusface, risk-based managed application security starts with first getting the visibility of the risks specific to an application. “Hence, we have an on-demand security assessment (automated and manual) that offers a deep understanding and visibility of the risk. Followed by experts working to mitigate those risks and monitor them on a continuous basis to update the policies and manage the web application firewall,” he explains. “Besides these there are generic risks independent of the security flaws in the application (such as DDOs and BOT attack) and they can be mitigated by having a real time learning engine and controls in place to alert for any deviation from normal patterns specific to your application and take actions against them or quickly react to a new zero-day vulnerability and assess the risk by doing scan with updated policies and protect your application with updated WAF policies based on those risks.”
These risks can be averted by Indusface providing an integrated offering of Scanning, Pentesting, WAF, CDN, and management of these components. “We offer all the pieces of the application security under one solution.” The company’s SaaS based WAF offering AppTrana allows the customer to protect their applications from OWASP instantly, DDOS, and Bot attacks instantly and allows them to continuously get visibility of their risks and also action taken against mitigating those risks they can report to their internal stakeholders, auditors, compliance and most importantly their own risk mitigation benefit for maintaining business continuity of their core business.
The company’s vision is to enable all businesses to Go Digital Fearlessly, and its mission is to make website security a simpler task for the customers. “Till every web application has the capability to secure itself with accurate risk assessment and instant risk protection and continuous monitoring, we will continue to innovate, reach and help customers,” says Venkatesh. “Our success is mostly in Asia given our proximity to the customer, but post COVID the nature of enterprise sales has changed and large enterprises are signing up to new solutions from anywhere in the world without requiring a local presence especially for SaaS based solutions provided the Proof of concept meets their need and they can communicate with the vendors anytime over zoom and teams call for getting subject matter experts and support. The physical regional presence is not a must have requirement anymore and hence we expect us to get more business globally and especially in US and Europe over the next few years.”