A Look into the Security Industry with Ashwani Paliwal

Did you know that in 2022, more than 220 million people were affected by cyberattacks in 2022 alone? With a reported 1802 data breaches just last year, companies are looking to bolster their cybersecurity- and Ashwani is the individual looking to help them.

On this issue of Developer Decoded, I had the privilege of interviewing Ashwani Paliwal, Founder and CEO of SecOps Solution! With 7+ years of experience in the cybersecurity space, Ashwani started SecOps Solution as a way to identify the top 1% of critical security vulnerabilities in companies. Hoping to stop vulnerabilities before they’re even leveraged, Ashwani is taking the offensive in security!

This isn’t the first time we’ve interacted with Ashwani, I had the opportunity to interview him last year on the blooming SecOps Solution and Lyrid partnership. Since then, he and SecOps Solution have really grown, bringing some truly amazing products to life.

That being said, here is our security issue of Developer Decoded! If you’re interested in participating in these yourself, please fill out this form!

Tell me a little bit about yourself, why did you choose security as a career?

So I like to call myself a Security Developer.

I loved the offensive security side of things since my undergraduate days and hence dabbled with multiple security tools along the way. But slowly I started to develop a keen interest in the inner workings of the tool and started to work on either building my own tools or improving upon the existing solutions and all of that led to building our full-stack agent-less vulnerability and patch management solution SecOps Solution (https://secopsolution.com)

What do you do, and can you walk me through your day-to-day routine?

My day starts usually around 7. I do my usual morning chores, a little stretching. I love my breakfast and try to never skip it. After that it's work-work-work. Having daily standup with the engineering team, followed by the business development team. Ad hoc calls with the marketing team and our channel partners. I spend a good deal of time talking to prospects and existing customers."

I have lunch anywhere between 1-2 p.m. I try to go for a stroll in the evening since I have some really beautiful gardens near my home. But more often than not I have to skip it due to some work. I switch off around 9 p.m. to have dinner. And then wind up for the day by watching some sitcom or just chatting with my wife.

What’s one innovation in the security space that you’re most optimistic about? Least?

I am very keenly observing the quantum cryptography space. I think that's an area that will be very crucial in the next 5-10 years.

I am least optimistic about replacing manual pen testing as an activity. Few things can just never be fully automated. You can automate parts of pen-testing, but a good old read team guy will always pull something out of his hat to amaze you.

Today, what are some of the biggest challenges revolving around security in your field?

NOISE. Just too many alerts and security vulnerabilities being reported for any organization to meaningfully study and act on it. We at SecOps Solution(https://secopsolution.com) are trying to solve this problem through context-based prioritization. So that companies can only focus on what is really critical and actually exploitable in their systems.

In your opinion, what is one popular misconception that people have about the security field?

The most popular misconception is that if we are on the cloud we are safe. In fact all cloud providers including AWS, Azure, Google Cloud and others go out of their way to say that security is a shared model. What that simply means is let's say you have a EC2 instance. AWS will make sure about its physical security i.e. it doesn't get stolen and the initial configurations are good enough. But whatever you install or run in that EC2 is the responsibility of the user. So if a user downloads a log4j vulnerable application by mistake that is on the user and not AWS to secure it or remove it.

Is there one thing we can’t guess about you from your LinkedIn profile?

I love to play the synthesizer and have been playing since the age of 8

If you could go back in time and give your first-year college self any advice, what would it be and why?

Interact and collaborate more with the tech community. Your learning would be expedited exponentially

Last thing, what are you excited about with SecOps Solution coming up?

We are releasing a free-tier of our scanner so independent security researchers and companies with limited security workforce and play around and report critical issues to their organisations. Our agent-less patch management solution which is currently in beta is also set for release. 

If you're interested in learning more about Ashwani and SecOps Solution, visit these links below:

LinkedIn: https://www.linkedin.com/in/ashwani-paliwal/ 

Twitter: https://twitter.com/ashwani_pals

SecOps Solution: https://www.secopsolution.com/ 

G2: https://www.g2.com/products/secops-solution/reviews 

Looking to be featured in Developer Decoded? Fill out this form!