Safety Detectives: Please share your company background, how you got started, and your mission.
OwnZap: OwnZap was started by a young team of cybersecurity professionals in 2019 with experience of more than 6 years in industry verticals. We provide unique cybersecurity services in the pandemic job crisis, which inspired us to start our own company to provide cybersecurity services to customers in a different way.
OwnZap Infosec aims to digitally shield cyberspace by offering various services like penetration testing and red teaming, infrastructure security testing, vulnerability assessment & penetration testing, and advanced security awareness.
The company is led by our two co-founders and has grown to service clients within the following expertise:
- Leading health insurance entity: Providing network VAPT services for more than 100 IPs and web application pen testing for over 20 URLs. Identified and solved in securing critical network flaw which is login section bypassing and preventing hackers from accessing 1000s of insurance holders’ details.
- India’s leading conglomerate supplying defense systems: providing network VAPT services for 35 IPs
- Leading startup unicorn serving India’s largest ISP provider: providing cloud network security assessment as a monthly managed services for 25 IPs and WAPT (web app pen testing) for 5 web applications and MAPT (mobile app pen testing) and 5 mobile applications
- Providing source code review services for India’s largest conglomerate in Mumbai
- Leading Microsoft partner serving French conglomerate in food services and facilities management: providing Azure cloud network assessment and pen testing, web application URL pen testing for more than 1000 pages and mobile application testing for more than 100 screens
Our mission: We as a leader, as a consultant, or as a security engineer, ensure that we will run compliance and checks in a very simple way and educate customers in following the standards of securities network and application framework and other recommended best practices. If our customers follow these security standards and protocols, our cyberspace will automatically be secure from attackers.
SD: What is the main service your company offers?
OwnZap: Our core services of this company are vulnerability assessment and penetration testing.
In the VAPT, we cater our services to web application penetration testing, mobile application penetration testing, network vulnerability assessment & penetration testing, API penetration testing, source code review, and cloud security governance and services.
SD: What is something unique that helps you stay ahead of your competition?
OwnZap: We perform POC before running the assessment or testing on live environment to prove the uniqueness we bring to table. Our unique way of performing testing involves manual assessment and testing following industry vulnerabilities standards like OWASP and SANS 25. Our manual testing process involves customer scripts, manual tools, and open-source techniques understanding day-to-day vulnerabilities and providing mitigation to eliminate future attacks.
SD: What do you think are the worst cyberthreats today?
OwnZap: Employee knowledge is the worst cyberthreat with human error playing a part in so many security breaches. Negligence or compromising to not run periodic assessment and testing process leads to unprecedented cyberattacks. Companies provide training sessions to employees to prevent cyberattacks. However, without full interest and cooperation from the employee they may not recognize and respond to cyberthreats effectively—for example, with phishing attacks.