/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow Us/ciol/media/post_banners/wp-content/uploads/2016/09/Ola-Cabs-Lux-car-rental-mobile-app-1.jpg)
Amidst ever increasing security threats, Ola has open sourced its vulnerability analysis and management tool- ‘Jackhammer’ for technology companies.
Built in-house, Jackhammer finds security vulnerabilities in the target application (website, mobile app, network, source code and blogs) and it helps security teams to manage complex continuous integration and multiple deployments required for secure product development.
Moreover, the application also has a customised dashboard that presents a consolidated set of vulnerable applications and helps the organisation identify top vulnerabilities conveniently and work towards aligning efforts to address those vulnerabilities. According to a recent report by VMware, nearly 80 percent of the product companies experience increased cyber attacks and security vulnerabilities for their products.
"As part of the growing technology ecosystem in India, our aim is to share our knowledge and expertise to help other companies address similar challenges by using our application that is built to provide a comprehensive picture of all vulnerabilities, eliminating the need to shuffle between platforms," said Shadab Siddiqui, Head - Security Engineering at Ola.
While some product companies have tried to address this challenge by offering financial rewards to researchers who help them identify vulnerabilities, Ola said Jackhammer provides a cost effective solution for all technology companies to identify and address existing vulnerabilities in their applications, code or network.
Key features of Jackhammer include:
- A collaborative tool between those focused on security, developers, quality assurance, Technical Program Managers (TPMs) and senior leadership (now even senior leadership can have a view of their company’s security protection and protocol).
- Complete RBAC (Role Based Access Control) to make sure everyone has required privileges.
- Quick integration with third party (open/commercial scanner) tools, for a seamless experience.
- The inbuilt vulnerability management capability is integrated with the ticketing system, with just one tool users will have a comprehensive idea of the security and hygiene of their organisation.
- Jackhammer can run all kinds of scans (on the source code, web apps, Wordpress, mobile apps, and networks, etc.) from one place and track them to closure.
Siddiqui also added that they have already reached out to a few of the "leading product companies with Jackhammer," without disclosing any specific names.