Seemant Sehgal, CEO
It is no secret that cyber threats are evolving faster than preventive measures. One of the key reasons include the enterprises investing in detective technologies rather than taking proactive measures to test their defenses. Adding to the complexity is the reliance of security testing industry on lengthy processes to execute penetration testing. Currently, on-site testing takes weeks to order penetration testing and months to organize the same. On the flip side, hackers work remotely around the clock. To address this, the Enterprise rely on automated security scans, but it comes with drawbacks such as lack of context and an overwhelming number of false positives. With a keen understanding of these challenges, BreachLock has disrupted the old school and conventional approach to security testing and replaced it with a modern SaaS-based approach. “We make cybersecurity testing smarter, scalable and more cost-effective. We aspire to be a market leader in this niche and build a comprehensive solution focused on testing across cloud, DevOps and application components,” says Seemant Sehgal, CEO of BreachLock.
BreachLock’s unique SaaS-based platform combines the benefits of human augmented and AI-powered automated scanning technologies to help clients find and fix a cyber breach before it happens. The platform is powered by AI-based self-learning engine Core OS that constantly processes vulnerability intelligence which the company gathers from all its clients. “We leverage the tremendous data intelligence we have access to and offer this as a benefit to our clients in the form of accurate and fast vulnerability discovery,” remarks Sehgal. However, the biggest advantage is the clients and BreachLock’s security researchers can collaborate on the platform. “Our platform ensures that our people, process and technology layers constantly work in tandem to give our clients a self-improving vulnerability management experience.”
Currently, the platform offers three main functionalities including Dynamic Application Security Testing (DAST), Network Vulnerability Assessment, and Penetration Testing. The DAST module helps clients test their applications using AI-powered web scanner while they are running in production or acceptance environments. The Network Vulnerability Assessment can scan through any large or small network and discover commonly-known vulnerabilities that are network or platform specific. “All results generated by AI-powered scans are validated by our security researchers to ensure no false positives get through,” says Sehgal. Finally, Penetration Testing module lets the clients manage the life cycle of a network or application manual penetration test with a few clicks.
The platform’s intuitive UI provides a single pane view to an enterprise’s cloud, network, and application security posture. “This is what sets us apart from our competition,” extols Sehgal. On the other hand, UI also allows clients to self-navigate the whole testing process with a few clicks. This includes ordering a penetration test or an automated scan and other activities such as requesting a retest or downloading reports.
One of the BreachLock’s prominent clients Conteneo Inc., a collaboration solution provider, wanted to address increasing demands of their customers for high standards of compliance and data security. The company assisted Conteneo with independent 3rd Party Penetration Testing and security validation reports that are backed by ongoing automated scans. This assured the Conteneo’s applications are continuously assessed for unknown vulnerabilities and remediated in subsequent releases. A combination of manual testing, DAST, and network vulnerability assessments provided a panoramic view of the customers’ security posture.
Down the line, BreachLock plans to launch an indigenous RED Teaming platform in addition to offering the security testing platform as an appliance in the cloud. As the company traverses through an innovative path, its focus is on improving cybersecurity testing with a smarter, faster, easier, and scalable solution for all. “Also, we are very excited about Rob Bening joining our Board of Advisors. He has served as CISO of ING group in The Netherlands and is well known in both EU and U.S. spheres for his extensive contributions to the cybersecurity industry. We are confident the BreachLock’s mission will benefit from his mentorship and deep experience,” concludes Sehgal.