India’s share of global cyber threats rose from 5% in 2017 to 8% in 2018, ranking it third globally and second in the Asia-Pacific region from a victim perspective, according to a report from cybersecurity firm Symantec Corp released this year.
Indian users and enterprises have been victims of cyber-attacks for quite some time due to the proliferation of new-age connected devices, an increasing internet-connected population and low awareness about attacks as simple as phishing. (Phishing is a way of getting cyber credentials. In this kind of attack, a cyber attacker poses as a trustworthy entity to get access to the credentials.)
Cybercriminals attacked 31% of Indian web users during the first quarter of 2019, according to a report by cybersecurity company Kaspersky. Another report by Quick Heal Technologies said India faced 50 million cyber threats between July and December last year, translating to 186 detections per minute.
The reports underline the importance of the country's cybersecurity requirements, and more so for enterprises as they look to undergo digital transformation that increases their threat vectors. Chief information officers and chief information security officers (CIOs/CISOs) are now faced with the problem of protecting multiple assets. While these assets are protected by multiple solutions, the IT heads also have to handle the multiple alerts generated, creating a nerve-wracking situation for them.
Here’s where the role of companies like Netmonastery Network Security Pvt Ltd (previously known as SD Web Technoholix Pvt Ltd) becomes important for CIOs/CISOs.
Founded in 2002 by computer networks graduate Shomiron Das Gupta, the company is also known by its product brand DNIF, and has been trying to solve the problem of plenty for CIOs and CISOs in Indian enterprises with technologies like big data and analytics.
“Most cybersecurity solutions come with pre-programmed rules to detect anomalies,” Das Gupta told TechCircle. “Sometimes, these anomalies can be outside their rules or algorithm, which is usually the case as hackers and attackers are on the lookout for zero-day vulnerabilities. Then they fail.”
How DNIF is different
DNIF is able to find outliers or anomalies without building prescriptive rules, Das Gupta added. “It acts like a data lake for events and is able to process terabytes of data to detect events that might have otherwise been missed.”
Das Gupta said DNIF was a security information and event management (SIEM) solution built on a scalable big data architecture that uses data science for machine learning, behavioral analysis and advanced analytics.
“With threat intelligence feeds directly integrated into your next-gen SIEM platform, you always have the most up-to-date threat intelligence and can quickly detect and mitigate emerging attacks. The product also comes with more than 50 external threat intelligence plugins,” he said.
DNIF can also be used by an enterprise for log management, data lake, user and entity behaviour analysis (UEBA), security orchestration, automation and response (SOAR), security analytics and machine data analytics.
Das Gupta said there is a DNIF library that has parsers ready to ingest data from all types of devices including network elements which generate system logs, servers which generate text logs or even applications which generate HTTP logs.
“Data is enriched (context added as required) at the time of ingestion and indexed while it is stored in the Big Data store. Your data spreads through a horizontally scalable data store architecture without requiring any redeployment,” he said.
The platform uses its DQL console to analyse data, to hunt for threats proactively or to define new rules that set up reactive triggers. These are then displayed on dashboards using widgets to keep the IT administrator informed, he said.
Das Gupta said he came up with the idea after seeing the volume of information or data cybersecurity in general produces and how difficult it could be for an organisation to keep up with it.
“Cybersecurity data comes from products, operating systems, databases and applications. This dataset needs to be processed in near real-time and analysed to detect outliers. DNIF has a big data engine, coupled with an analytics engine, to do just that,” Das Gupta said.
The initial days of product development and going to market were not easy for the company, which has been bootstrapped by Das Gupta himself. “The product took around eight months to build and was approximately six months in beta before becoming generally available after 24 months from the date of inception,” Das Gupta said.
He added that signing customers was an issue since no one wanted to trust Indian startups.
“It took about 16 months to onboard our first enterprise customer. This was also because we were attempting to onboard a marquee customer first up,” Das Gupta said, adding that the company didn't need to alter their main product or business strategy.
“The initial business model is still intact but we have added some layers of strategy into the business model to deal with changing buying patterns,” he said.
The company currently employs 70 people and product iterations happen out of India.
Some of the company’s sixty-plus customers include Vodafone, Axis Bank, RBL Bank, IndusInd Bank, insurance firms and non-banking financial institutions.
The company competes with the likes of IBM QRadar, Micro Focus ArcSight and Splunk in a market that is estimated to be $8 billion globally, and offers subscription plans based on usage by customers.
“DNIF (product) is priced at the intersection of the cost and profitability keeping in mind the competitive cybersecurity landscape,” Das Gupta said, adding that the company has been able to break even and reach profits.
“We have already been booked over three times our last year’s revenue. We will attempt to grow four-fold this year,” Das Gupta said.
According to the latest data available from data research platform VCCEDGE, the company had reported a total income of Rs 5.29 crore for the financial year ended March 2018, up from Rs 2.40 crore for FY17. It had reported a revenue of Rs 2 crore the previous year.