Delhi-based Czar Securities, which is helping companies secure their digital assets from hackers, has been recognised by Narendra Modi and the French government.
Startup: Czar Securities
Founders: Shikhil Sharma and Ananda Krishna
Year it was founded: February 2014
Where it is based: Headquartered in Delhi
Problem it solves: Delivering enterprise security.
Funding: 57000 Euro (equity free)
Success stories of businesses started by college student are plenty. These include the journeys of biggies like Facebook and Google, and other smaller ones across the world. On the Indian front, there are OYO and Freecharge, which were started by college dropouts.
But Shikhil Sharma and Ananda Krishna’s story is one of the lesser known ones. The talented ethical hackers joined hands to set up Czar Securities and make websites more secure.
How they met also makes for an interesting story.
Studying at NIIT University, the duo began bumping into each other at the college mess. Being the last people to enter the mess led to some familiarity.
Shikhil recalls, “We were quite passionate on the subject of security and had our own blogs. Somehow we always use to enter the college mess together and happened to sit with each other.”
One thing led to another and the duo started working on personal projects. A few projects later and after a couple of months, the computer science students came up with the idea of Czar Solutions.
The company was incorporated in February in 2014.
Making it work
But, as opposed popular perception, starting a company in college wasn’t the easiest thing to do. Especially a security company.
“College kids trying to advise you about loopholes in your security are not usually taken seriously,” they remember.
Shikhil and Ananda accept that in the initial days they were more like freelancers developing a product, and the startup was more like a project looking at security testing services.
Ananda, who now takes care of technology for the firm, states, “We were basically those guys who you give web applications to find loopholes in.”
From cold mailing close to 500 people on their system vulnerabilities, they went to finding flaws in the security of multinationals.
“We intentionally used to find vulnerabilities in Adobe and Microsoft’s systems, a couple of times. But they were kind enough to respond and correct it,” Shikhil says.
But, that didn’t mean clients for the duo. Rather, the founders believe that word of mouth has played a big role in the firm’s success.
One of the first jobs for the firm was ensuring the security of their University’s (NIIT’s) cloud campus programme. At around the same time the firm also signed the contract with car marketplace, Gaadi.com.
The company grew from four clients to more than 50 service-based clients last year. Apart from GirnarSoft, Mera Events and Townscript, the company’s client list also includes Silicon Valley-based Dolls Kill.
Apart from being headquartered in Delhi, the company also has its presence in the US under the name ASTRA IT. The company also has its presence in Singapore through its partners.
Hitting the sweet spot
The founders state that the company has over the last few years evolved to adding more than 50 additional security tests, hitting the sweet spot between manual testing and automated testing.
For automated testing, the company has its own security suite, ASTRA.
The company also helps clients see videos of vulnerabilities and helps with steps to fix the bugs.
Shikhil says, “Internally, we've reduced the testing time by 60 percent as we have automated multiple processes, which give our client a much better report. All in all, we no more see security testing as a service; it is now a product as everything happens on the cloud!”
ASTRA helps companies to scan malware and creates a web application firewall amongst other things. The founders say ASTRA has more than 400 global customers at present.
“We want ASTRA to be a security suite. A customer does not understand the complexities of infosec field; that's the reason they come to us. So, in order to give our customers a complete website, app and server testing under one roof, we have partnered with AppKnox and RoboCyberWall, which offer patent-pending server security solutions.”
The security suite has three active pricing plans ranging from 9 euros a month to 119 euros, depending on the business plans.
For security scan services (manual), the company can charge anywhere from $500 per scan and go up till $5000 per scan, depending on the infrastructure size and other factors like website, traffic or the technology stack used.
The students were awarded by Prime Minister Narendra Modi in the presence of Sri Lankan Prime Minister Ranil Wickremesinghe as well as Minister of Law and Justice and Electronics and Information Technology Ravi Shankar Prasad.
But that’s just the tip of the iceberg for this cybersecurity business.
Earlier last year the company also was one of the winners of the French Tech Ticket, a programme run by the French government for foreign startups to promote and entrepreneurship.
The one-year programme by the French government helps to attract gifted and ambitious individuals from all around the world to set up and develop their startup in France.
The programme offers end-to-end support on the journey from early stage startups to successful businesses, be it financial support and training or first customer acquisition. As a part of the programme, the company also received a grant of 57,000 euro, equity free.
The company states that functioning in Paris helped the firm get access to multiple European clients.
In order to expand its offerings under its security suite, the company is planning to expand their team and raise capital.
In addition, Czar Securities is also forming some strategic partnerships to ensure that the customer gets the best. One such example is the partnership with AppKnox where they work with AppKnox’s web and app security solution through their Astra Suite.
The company is looking to take its security solution to a million websites and apps in the next 5 years.
A joint report by NASSCOM and Data Security Council of India (DSCI) states that the cyber security market is touted to reach $190 billion approximately by 2025 from $85 billion as of 2016. The primary drivers of this growth are the digitisation wave and smartphone penetration.
The report further states that the market is expected to grow at a compounded growth rate (CAGR) of 8.2 percent from 2015-2025.
Tarush is driven towards delivering unbiased and accurate reportage while engaging with as many mediums as possible to narrate a fresh perspective. Working for the past few years in the digital space with YourStory, he has covered the Indian technology ecosystem extensively, focusing on new age Fintech companies, while building strong connects within the industry.