Big Idea

Keeping the bugs at bay

Crowd security testing platform Threatbar has your back no matter what the bugs are in your software

After months of arduous coding sessions, your project has reached its conclusion. The software is ready and you can’t wait to have it up and running. However, the moment it is uploaded into the system, you notice that things aren’t functioning the way you intended them to. Despite a thorough screening of the files, you can’t seem to pinpoint the error. Bugs can be quite subtle yet very destructive. So, how do you find an expert to identify and fix the issue without compromising on the security of your programme?

Threatbar’s Sumit Garg has a wide range of solutions if you’re a startup or enterprise wanting to test your new applications or web operations. An idea he developed during his earlier stint at global information security firm, Trustwave. Set up in March 2017 with an initial investment of Rs.50 lakh, the start-up has curated a team of 200 researchers from countries such as the US, Europe, Africa, Australia, the UK and India. This diverse set of skilled professionals then works on the software applications of Threatbar’s clients.

 “We help organisations test, discover and prioritise bugs. Be it government, enterprises or startups — we give them a global security researcher community on one single platform so that the former can enhance their IT security and systems, and can focus on building intellectual property and customer loyalty which is their core job,” Garg explains. He adds how this model proves to be more time efficient for clients compared to conventional firms who may not have the expertise to deal with all kinds of software bugs.

Once the testing is complete, Threatbar rates these reports from its crowd-sourced researchers. The reports are then made available to the client who, can then choose to have it fixed by the enterprise’s team itself. The researchers are awarded points that can be redeemed for related courses and workshops, and Threatbar is planning to tie up with universities to offer the same. Clients can be rest assured of the credentials of the software testers, as they are signed onto the platform only via referrals or invites.

For all those companies that might be uncomfortable with the idea of a community of researchers working on their project and risking a leak or security breach, a select team of 10-20 people or an internal team of 2-3 startup members is available from Threatbar. “Many companies don’t have large tech security teams and for them select testing is the best option, since it gives you the benefit as well as confidentiality,” says Garg.

The company follows a subscription-based licence model, where customers are required to pay depending on the duration of the subscription and the number of programmes selected. The subscription service is offered under three different models – worldwide programme or crowdtesting (three-12 months); select testing that can be availed for two-four months; and the internal team testing that is on offer for one to 12 months. The subscription package could thus cost anywhere between Rs.2.5 lakh-Rs.38 lakh The company, which primarily focuses on sectors such as BFSI and e-commerce, presently sees an average ticket size of Rs.4.8 lakh.

Currently in talks for its first round of investment, Threatbar is expecting 60% of its revenue for FY18 from North America and remaining from Asia-Pacific and the European Union. It hopes to grow the client list from the current seven to over-50 clients in the first year and over-200 in the second year, fetching a revenue of around Rs.36 crore by the end of FY19. By then, it hopes to attract bigger enterprises that will opt for longer and costlier subscription plans. Considering these, the average ticket size is expected to be around Rs.16 lakh. In addition to this, it plans to grow its researcher community and pick up more people from other markets as well. Thus, once you submit a software to Threatbar, you can be rest assured your programme will be checked for all possible bugs.