TFS Gulf
  • All categories
    • inPractice
    • Entrepreneur Story
    • Finance Leaders
    • Videos
TheFinanceStory
No Result
View All Result
  • Login
  • Register
Book 1:1 session with industry experts!
  TFS Gulf
  • All categories
    • inPractice
    • Entrepreneur Story
    • Finance Leaders
    • Videos
The finance story
No Result
View All Result
  • Login
  • Register
Book 1:1 session with industry experts!
The Finance Story
No Result
View All Result

There are few security auditors who understand Blockchain in an era of Blockchain security, says this self-taught bug hunter and founder of Credshields

Shashank became a self-taught bug hunter when he was in school. He wants his company Credshields to automate security for large and small companies, which are seeing the benefits of smart contracts.

Preeti Mondal by Preeti Mondal
Published date: 21st June, 2022
Last edited date: 24th June, 2023
SHARE (873)
There are few security auditors who understand Blockchain in an era of Blockchain security,
Share on FacebookShare on Twitter
  • Shashank grew up as a priced bug hunter and has secured his name in the Google hall of fame for being the same.
  • His work experience led him to set up CredShields to automate security for Blockchain smart contracts.
  • He is building security consulting and security products for the era of blockchain, crypto, and the metaverse.

When you look at bug hunting, is a very lucrative opportunity for young software professionals who want to get into security. Securing applications is one of the most lucrative businesses globally running into billions of dollars.

However, in the world of decentralized applications and finance, security has to be looked at very differently. One only has to meet Shashank, whose youth does not do justice to what he is solving for the business ecosystem. 

In the past, Shashank has worked with Bugcrowd, binary.com, HackerOne, and Cobalt.

He has done all this while he was at school and college. Mature beyond his years, here is what Shashank wants to solve, and here are the excerpts of the interview:

When you were growing up, who influenced you to take up bug bounty programs?

Growing up I was very fascinated with computers and used to read a lot about the latest computers.

I was studying at Sainik school.

I used to use the social media channel Orkut to connect with my basketball team. One day, my friend’s account was hacked and he had to create a new account. That is when I decided to learn about terms like hacking.

I spent almost a month learning about security and hacking. I realized that my friend had suffered a phishing attack. Then and there I decided that this was my future.

What are some of the things that you did in college that kept you interested in working for companies as a debugging expert?

While I was studying in Delhi I heard that Google had a bug bounty program where one actually gets paid. I spent almost two and a half months hunting bugs for Google and then I got my first reward from them, which was $200.

I was so happy because, for the first time, I realized that I can make this a career.

I followed Google up with PayPal.

Although when I started getting payments my father became suspicious and he thought that I was doing something illegal. Hacking does have negative connotations so it was not so surprising.

I had to sit him down and explain to him the entire concept of bug bounties.

To further prove my innocence showed him my name on the Google hall of fame for bug hunting. Only then did he breathe a sigh of relief and understood that I was doing something legitimate.

While I was in college I got a job offer from binary.com and started working with them part-time.

Becoming a bug hunter helped me win money from bug bounty programs offered by several companies. 

I also began to freelance, with many companies, skipping college lectures.

It was a hard time, but four years really paid off because multiple jobs gave me perspective and I managed to pass my exams in the end.

What aspect led you to the blockchain, crypto, and web 3? What impact is this going to make on the world?

I first got to know about Bitcoin when I started receiving bounties from different companies. Then my PayPal account got banned because I was receiving a good sum of money.

Getting swift payments was very difficult as most of the clients were global clients. The banks are usually suspicious about payments and ask us to sign things also, there were charges, on top of that.

Then I realized that there is something called Bitcoin, which is a digital currency.

With bitcoin coming in, I could get paid without any charges and no central entity controls it. This made me respect the concept.

I started using Bitcoin as a mode of payment for my work.

People think about it as an investment vehicle and I think that is where the problem begins.

If we actually look into the product side of blockchain & web3 there is a push for a decentralized way of working. Look at the Ethereum protocols, you can write smart contracts and bring in transparency.

I believe people should use blockchain technology as it is and not think of all this as an investment vehicle. 

What do your startup Credshields and its product, SolidityScan.com, do? Why should CFOs invest in Blockchain Security? 

After college, I was working with Hacker One, which is a web security company, but I was always interested in cryptos and the essence of crypto.

I made a major leap when decentralized finance came in; a financial system where KYC is not centralized.

Multiple DeFi applications are coming up these days but the problem is that so many of them are not secure. I saw a big opportunity for my company to secure these applications.

In April 2020, I decided to quit my job and spent three months understanding the problem of security in the Blockchain and crypto ecosystem.

I found two major problems.

The first problem was that there are very few security auditors who understand Blockchain. 

There is a need to automate security.

Today companies spend months grappling with the problem of understanding security when they implement Blockchain and we can solve this for them at a rapid pace.

Our product SolidityScan is a product for smart contacts. We can fix all the bugs at a click of a button.

Is SolidityScan an app or a SaaS product for organizations? What is its business model and how does it work?

SolidityScan is a SaaS product.

What the company has to do is just sign up, and add smart contracts and in minutes I can tell them the problem with the system and fix the bugs immediately.

A company needs to know its vulnerabilities and we can do it for them. Our backend will then show the companies all the bugs and continuously keep the system safe.

They get constant reports too. Currently, I am targeting smaller companies to use the product.

A few of the retail shops in the USA are now accepting Bitcoin as they go through this business transformation, what are some of the vulnerabilities in this change?  

The vulnerabilities are always at the wallet or end payment system.

Hackers can enter web applications or applications and steal information or money.

At a smart contract level, the codes are designed in such a way that, one must study cryptography for this. The system will not compromise if one part of the chain is affected.

The contract will identify these attacks and ensure that the transaction is not compromised.

If you are dealing with cryptocurrencies, it is very important to not only secure the code, but you must also secure everything from the web application, the cloud infrastructure, and access to employees so that they don’t fall for phishing scams.

Many people are doing smart contracts in the world but is it a large market? Will everybody get into blockchain?

It is going to be big in this decade because early adoption is happening.

Today there are hackathons on AI, ML, and Blockchain development, which is a good thing for the future. 

In Bangalore, there have been a lot of startups working on web 3 projects, and we have been working closely with them as security auditors.

Watch this space closely because technology is going to change the way we operate.

 

 

 

Preeti Mondal

Preeti Mondal

Recommended for you

Uniqus Consultech, founded by ex-Big 4 leaders, raises ₹171 Cr in Series C
AI in Finance

Ex-KPMG Partner startup Uniqus aims IPO in 3-5 Years. Now raised ₹171 Crores

23rd April, 2025 | 4 mins read
India’s 2024 IPO minted seven new billionaires
Business and Startups

India’s 2024 IPO minted seven new billionaires

7th January, 2025 | 5 mins read
Ex-KPMG Partner led Uniqus aims for $150 Million revenue
Business and Startups

Ex-KPMG Partner’s Firm targets $150M revenue in ESG & Accounting Consulting

5th December, 2024 | 6 mins read
How this CA secured $1.62M seed funding after pitching 100+ investors
Business and Startups

CA raised $1.62Mn…but it wasn’t easy! Here is how he approached VCs.

4th November, 2024 | 10 mins read
Building startup focussed professional services firm
Business and Startups

CA co-founded startup focussed professional services firm: 3k+ clients, 80+ team, revenue ₹7.5 Crores

23rd October, 2024 | 11 mins read
feb.ai, AI bookkeeping and tax
AI in Finance

3 CAs AI-powered bookkeeping & tax compliance platform raised ₹16.8 Crores

21st October, 2024 | 3 mins read
Next Post
how-this-bse-listed-nbfc-is-revolutionizing-unsecured-micro-business-loan-segment-by-leveraging-technology-

Founded by CAs, how this BSE listed NBFC is revolutionizing unsecured micro business loan segment by leveraging technology

Start conversation Cancel reply

Your email address will not be published. Required fields are marked *

1:1 career advice platform

  • Manager

    Investment Banking (Front Office) at HDFC Bank.

  • Finance Director

    at Procter & Gamble (P&G)

  • Strategic Program & Ops Manager

    Risk and Internal Audit at Accenture

  • Vice President

    at Alcazar Capital

  • Manager ACR

    Accounting, Compliance and Reporting at EY

  • Senior Accountant

    at BDO Canada LLP

  • Regional Financial Coordinator and Project Manager

    at TotalEnergies

  • Accounts Manager

    at Sterling Perfumes Industries LLC (Fakhruddin Holdings)

BOOK 1:1 CALL

1:1 career advice platform

  • Manager ACR

    Accounting, Compliance and Reporting at EY

  • Senior Accountant

    at BDO Canada LLP

  • Regional Financial Coordinator and Project Manager

    at TotalEnergies

  • Accounts Manager

    at Sterling Perfumes Industries LLC (Fakhruddin Holdings)

BOOK 1:1 CALL
The Finance Story

The Finance Story empowers finance professionals—CFOs, consultants, accountants, tax experts, and bankers—to navigate critical market shifts, industry disruptions, and emerging technologies & trends.

How? We spotlight key opportunities in India and globally, equipping finance professionals with the insights and strategies to drive business growth, optimize decision-making, and position their companies at the forefront

Quick Links

  • Finance
  • Partners
  • Privacy and Policy
  • Terms of use

Follow us

  • /TheFinanceStory
  • @TheFinanceStory
  • /TheFinanceStory
  • @thefinancestory_com
  • TheFinanceStory

© 2022. The Finance Story. All Rights Reserved.

No Result
View All Result
  • TFS Gulf
  • Entrepreneur Story
  • Finance Leaders
  • Videos
  • Login
  • Sign Up

Welcome Back!

Sign In with Google
OR

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Sign Up with Google
OR

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
We use cookies to personalize your experience. By continuing to visit this website you agree to our use of cookies.
Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?
Book 1:1 call with industry expert