“We want to go to T2, T3, T4 levels of customers and make it easier than it was for the T1.”-Mr. Shomiron Dasgupta, Founder & CEO​,​ DNIF NextGen SIEM

Nisha Harshwal:- What is DNIF Next-Gen SIEM?

Mr. Shomiron Dasgupta:-Essentially, for me, a next-gen SIEM is where you are bringing in lots and lots of data. Basically, building the analytics side, not just the rule-based side. There are rule-based systems, which are very stereotyped and very specific. For instance, when one is shown a visual and told that “this is called a fox,” or “that is called a dog,” “this is the difference between a fox and a dog,” or “this is what an elephant looks like”. That is how we used to identify attackers. Now, attackers are figuring out the rule-based systems and circumventing those systems — so what is happening with us is that we are not able to figure out attacks without having rules. How do you do that? By understanding the environment. Once you understand the environment, you start to take informed actions.

Analytics can identify what is normal, and then start making decisions and identifying anomalies. That is essentially what we are trying to do with DNIF. There are two pillars: a high volume of data and the ability to use analytics for outlier or anomaly detection.

Nisha Harshwal:- What are the challenges faced by the cybersecurity space? How is DNIF impacting the cybersecurity space in India?

Mr. Shomiron Dasgupta:-There are a lot of challenges that cybersecurity is facing right now. However, some of the key challenges that DNIF is solving have to do with the “vocabulary” of attacks — the number of attacks that exist today is just tremendously large. It is growing all the time. The type of attacks, the style of attacks, and the sequence in which attacks are taking place are all changing continuously. It is becoming difficult for us to keep up with them and figure out from these issues that we have not seen before. Because attack patterns and their types and styles are changing, we are unable to easily figure out which ones are new, old, known, unknown, and what is an anomaly, what is not, … All this has become very messy, and because of that, we are losing clarity in detections. At this point, we do not know whether there are 5 attacks to be detected, or 55, or 55,555. Therefore, because there is no clear goal post, we cannot build a defensive perimeter, or a defensive system that is able to identify every rock on the ground at this point. That is the biggest challenge.

This industry has grown, the kinds of attacks have grown, and it is all just gone crazy. Because of that, you can no longer keep running this race with the system to invent new detection methods. When you do not know how many attacks are out there, how can you write rules for every one of them? Because we cannot write rules for every single one of them, we start to move. This is another great challenge that the industry is facing, and this is where analytics steps in.

We say, “Let’s set that problem aside. Let’s figure out a different solution for that, and start going into analytics, and start figuring out how.”

Nisha Harshwal:- How is DNIF different from its competitors?

Mr. Shomiron Dasgupta:-With all the different kinds of attacks out there, we need to figure out what the detection landscape looks like today. The detection landscape today has lots of tools that are point solutions. You may have a sandboxing tool that is just used to explore malicious content, and/or a DLP tool that makes sure no software or malware is writing or pumping data outside. You may have various other tools such as firewalls, and network intrusion detection/prevention systems to detect endpoint vulnerabilities, server-side compromises, and application-level security issues.

These solutions are all point solutions, built to solve a particular problem. Now, in order to block different kinds of attacks at different levels, you have to scatter these all across your environment. Then, you need a platform that brings all these tools together and connects the dots. That’s the role that DNIF takes on.

DNIF does not do firewalling, IDS/IPS, or, say, DLP functionality. It can, however, start linking attacks that occur on the firewall to an attack that happened on a server and connect the dots.

Nisha Harshwal:- Kindly explain the market approach of DNIF. (Is it through a Channel or Direct)

Mr. Shomiron Dasgupta:-Very interesting question. Essentially, DNIF has both types of customers. DNIF has big-name, marquee customers, and these are customers where DNIF is directly involved with the customer in delivering the solution. DNIF also has extremely large Managed Security Service (MSS) partners who are using DNIF as a platform to deliver services to their customers. So, we have the marquee customers, the Fortune 500 customers – where DNIF is directly involved; then, there is a layer where DNIF is being delivered to the market through channels, through a distribution system (MSS partners).

Nisha Harshwal:- Please highlight DNIF’s business growth plans. How do you plan to give shape to it while also driving profitability?

Mr. Shomiron Dasgupta:-Business growth plans – I do not think this is going to be any different from any other business. To double and triple — everybody wants to grow. In terms of how we do that, DNIF has to replicate the same success that we have had at the highest levels of the market (i.e., the marquee customers) to the mid-market and the enterprise level. Delivering DNIF to larger audiences is the biggest challenge we are trying to solve right now. It is not just about us delivering to the top 20 customers we have onboarded; it is about the top 200 customers we are going to onboard, and about being able to effectively build a system that makes it easy for those 200 to come on board with the lessons that we have learned in delivering to the initial set of customers.

Broadly, we want to go to T2, T3, and T4 levels of customers, and make it easier than it was for T1. We are taking all the lessons that we have learned in delivering to our top-level customers and using those to redesign parts of delivery, parts of the product, parts of support, to make sure that it is easy for the next lot to get started.

Nisha Harshwal:- What are the current channel partners DNIF is working with, both in India and overseas?

Mr. Shomiron Dasgupta:-We are working closely with TATA Communications (TCL), TATA Consultancy Services (TCS), Tech Mahindra, PwC and NETMAGIC solutions (NTT Company), EY, Locuz, Auditine and many more as our MSSPs. Collectively, they deliver tailored and robust security implementations for our clients.