An Interview with George Egri, Founder & CEO, BitNinja
It is commonly understood that one of the best ways to develop a successful product is to create something that solves real problems. That is especially true when the problems you are solving are actually your own – you feel the pain and know what you are looking for in a solution. Moreover, by developing a product or tool to solve you own problems, you have a real-world environment to test and evaluate your progress and success.
That is the story of BitNinja, a web server security tool that was initially developed to solve security threats and hacking issues George Egri was experiencing at his web hosting company. Once he saw how effective it was for his company, he decided to package it as a product and market it to other web hosting companies.
HostAdvice: Please tell me a little bit about yourself and your background.
I actually started my first business while I was in university, about 13 years ago. I still own that hosting company business - Web-Server Ltd. – and it is currently the second largest shared-hosting company in Hungary. It has come a long way from when I started it and my first hosting server was my desktop PC! At that time, there were no control panels or tools and we had to develop everything ourselves.
HostAdvice: You are actually the founder and current CEO of two active companies – correct?
Correct. I own and manage both the Web-Server hosting company and the BitNinja security company. We are currently building a new leadership team for Web-Server so that I can focus on BitNinja.
HostAdvice: Let’s talk about BitNinja. I assume that it is a spinoff based on your experience as a web hosting company.
About 3 ½ years ago we recognized that our biggest challenge as a hosting company was keeping our customer sites secured. We had a lot of issues with hacked websites as well as outbound spam and attacks. After a major attack against one of our servers, we decided to “drop everything” and focus on addressing this problem.
We quickly understood that there was no all-in-one solution for this. We first started with Fail2Ban [tool for analyzing log files]. The main problem with that tool for us was that if an IP address was banned for attacking a particular server, we needed to have it banned from ALL of our servers, not just the affected one. BitNinja was born out of the realization that we needed to create a completely different type of security tool - one that was integrated and could address a multi-server environment.
BitNinja started as an in-house project for us to solve the issues of our hosting company. As we saw how effective it was for us, we realized that there were probably many hosting providers who struggle with the same problem. Therefore, about two years ago, we decided to package the technology and tools together into a marketable product offering.
HostAdvice: So what exactly is BitNinja?
BitNinja is an integrated set of modules that protect servers from various malicious attacks on multiple protocols, all at the same time.
Our current list of modules includes:
- Web Application Firewall
- Malware & Virus Detection
- DoS Detection
- Log Analysis
- IP Reputation
- Port Honeypot
- Web Honeypots
Each module uses different techniques to prevent and/or detect an attack as soon as possible.
This figure will give you an overview of how the different modules address the different phases of a malicious attack. In the middle you can see the 6 phases an attacker typically goes through, while on the right you can see some of the modules that address each of these phases. Our goal is always to try to stop an attack as early as possible, because as time goes on, the chance of stopping the attack decreases.
HostAdvice: In addition to white listing and black listing, you talk about grey listing. What exactly is that?
Grey listing is an idea that we developed at BitNinja and we are the first company in the industry to implement and apply this technique. Let me explain to you why we needed to invent the grey list.
When a tool such as Fail2Ban blacklists an IP address, it does so for a specific amount of time. However, attackers can figure that out and then try to attack again later. Another problem with blacklists is that they often block false positives, e.g. blacklisting the IP of a user that forgot his/her password, which leads to them calling support and becomes a hassle both for the customer and for the support team.
We therefore introduced the concept of a grey list. If an IP address is listed on our grey list, we won’t block every connection from that address, but we will redirect web and email traffic to a local mini-server with a captcha to filter out bots. Customers really love this approach, since it means that they can get off the blocked list on their without dealing with tech support.
HostAdvice: How do you define your market? Who is your specific target audience within that market?
Right now we are targeting web hosting companies, for two main reasons. First of all, we know and understand that market very well, since that is where we started (and still operate there). Secondly, we believe that they are the ones who stand to benefit the most from our solution. By just installing BitNinja, they are very simply solving 99% of their security problems and headaches.
HostAdvice: How many active customers do you have today? Where are they mainly located?
We currently protect about 2,000 servers from paying customers, mainly in the US and Western Europe.
HostAdvice: How would you describe your current typical customer?
In terms of the person – it is usually a 25-45 year old male who like geeky things.
In terms of the company, they usually have and manage 10-40 servers, although we have some customers with 150 or more servers. We also have many small customers with only one or two servers. The median number of servers per customer today is probably around 10. What they all have in common is that they don’t have a dedicated security team but do need to address security issues.
HostAdvice: Who are some of your biggest customers?
As you can see, some of the top hosting companies are already using BitNinja to secure their servers.
HostAdvice: Who do you see as your main competitors?
We don’t really have any direct competitors for our integrated solution. We do, of course, have direct competitors for individual modules. For example, there are a lot of competitors for virus and malware detection and Cloudflare and Incapsula compete with our Web Application Firewall module.
HostAdvice: How do you see BitNinja as different and/or better than theirs?
Our competitive advantage is in the way we provide security:
- Complete Solution – Integrated modules
- Easy to Install – No need for deep knowledge of security
- Multi-Phase Approach – Prevention, Detection, Recovery
HostAdvice: How do you see web hosting / security market evolving in the coming years?
What I see coming in the future is that security concerns will not be limited only to servers. The new threats are coming from the IoT (Internet of Things) world. We are seeing more and more IoT attacks and the rate is rapidly increasingly. It is going to be a very big challenge to protect against these attacks and infected IoT devices.
HostAdvice: How many employees do you have today? Where are they located?
We currently have a team of 12 employees, based in Hungary.
HostAdvice: What is it like going from managing an established 15-year old company to managing a startup? What has been the biggest change or challenge?
The biggest challenge for all of us was going out to the international market, as opposed to our local hosting market, but I think we managed it well.
As a startup, we need to move very fast and to be able to deal with a lot of changes. Managing all of these changes is not easy, but I think that we are doing ok with that as well.
HostAdvice: What are your future plans for BitNinja?
Our mission is to make the Internet more secure. Our long-term goal is to secure 10 million devices within the next 10 years.
What that means in the short term is that we want to introduce more modules to help secure our customer’s servers. We already have plans for many of these modules. In fact, we are about to release a module to analyze outbound traffic to identify sites or files that are infected on your own server.
We are also working on a MS Windows version of our software, because there is a lot of demand for that.
HostAdvice: How many hours a day do you normally work? What do you like to do when you are not working?
I normally work about 10 hours per day. When I am not working, I love to play with my eight month old daughter and to enjoy my hobby of horseback riding.