[FW Radar] Vaadata wants to democratize “ethical hacking”
Founded by Nicolas Bonnefous and Anne-Fleur Schoch in 2013, Vaadata is a start-up that offers to secure the web and mobile platforms of start-ups. The team “ethical hacking»Looks for security holes in order to correct them.
More details with Anne-Fleur Schoch, co-founder of Vaadata.
FrenchWeb: What problem does Vaadata solve?
Anne-Fleur Schoch, co-founder of Vaadata: Cyber attacks are increasing exponentially, and target both start-ups and large companies. Most businesses are very vulnerable to this!
For many reasons (financial gains, ideological reasons, personal challenges, etc.), hackers exploit technical flaws linked to errors made by system administrators and developers or use social engineering techniques such as phishing. On some websites, it is possible to recover an entire customer database in 10 minutes if one has some hacking skills.
The risks for businesses are of several types:
Leakage of confidential or even sensitive data,
Degradation of the database, degradation of online content,
Unavailability of the online service,
Depreciation of the company’s brand image.
Protection needs relate to different types of businesses, for example:
SMEs wishing to avoid the “defacement” of their showcase site,
Management software publisher wishing to protect the data of its BtoB customers,
High traffic site wishing to protect user data and avoid traffic diversions,
E-commerce seller wishing to prevent his platform from being “down»For 24 hours or that the payments are diverted
What’s your value proposition?
Our services have been designed by web professionals who have seen that security is not just an issue for banks and large industries.
We democratize the “ethical hackingIn order to make it accessible to start-ups, small and medium-sized solutions publishers, as well as Web and mobile development agencies.
This allows our customers to secure their websites, mobile applications, SaaS software and / or APIs. Our team of ethical hackingHe identifies security breaches and transmits his skills in order to correct them. We are complementary to the development teams, but we can intervene with all the teams to raise awareness of good practices (secure developments, but also prevention of social engineering risks).
Who are the users of your solutions?
The first users of our services are CTOs or software development managers who need to test the security of their web / mobile applications.
The second type of user corresponds to product managers or marketing managers when they are in charge of integrating security into the roadmap and provide their customers with guarantees on this aspect.
Finally, demand comes from CISOs when we work with mid-sized companies or large accounts, which have their own security teams but seek our specific skills in Web and mobile security.
Our clients wishing to carry out a first audit start with our start-up offer. Those who are already used to security audits carry out more extensive tests, with a logic of invoicing by results. Secondly, we switch to a subscription logic that combines recurring tests, training for developers, social engineering campaigns, or tailor-made consulting. The content of the support depends on the level of risk exposure, which changes as the activity develops.
Who are your competitors?
Our direct competitors are cybersecurity companies offering audit services. They have strong expertise but are not focused exclusively on web and mobile platforms, which gives them a more generalist positioning. They are also less start-up oriented.
Our indirect competitors are publishers of security software that automate certain tasks, and bug bounty platforms. Their solutions are interesting but do not correspond to the same uses as our services: our customers use them in parallel with our services, to meet additional needs.
What is your development plan?
Our roadmap includes the development of new tools, the reinforcement of our methodology and our processes, as well as the development of additional services, particularly in the IoT security and social engineering aspects.
Our objective is to triple our turnover annually and to strengthen both our technical and commercial staff. The results of the past year are extremely positive, the challenge is to grow while ensuring a maximum level of quality.
We have clients in the European market (UK, Germany, Netherlands, Belgium…). Our ambition is to accelerate our international development over the next 3 years.
What are your challenges?
Our challenges are above all business and HR: developing our client portfolio and developing our team with an extremely demanding corporate culture.
We are convinced that beyond uberization, the model of a consulting company that is both expert, ethical and underground makes sense for our clients and our team. Indeed, the bond of trust and customer support on the subject of safety is essential. Also, our ethical hackers want to work as a team provided that internal choices are guided by a passion for hacking and an ethical vision of the company.
Founders: Nicolas Bonnefous and Anne-Fleur Schoch
Creation date : 2013
Fundraising : any
Seat : Lyon
Capital : 15,000 euros
Read also: Internet security breaches, this booming new market
FrenchWeb is organizing a week dedicated to the retail theme (#FWretail). You will meet all week (portraits, interviews, studies…).