TEAM: For each founder, please list a brief work history prior to starting your company Andrea has 15 years experience in Cyber Security as ethical hacker and developer of security products. He personally solved the biggest hack in the history, the attack to Saudi Aramco in 2012. Linkedin: www.linkedin.com/in/andreabodei Francesco was economy and business professor at the university of Cagliari, in Italy and has 5 years experience in business development. He helped startups raising millions with European public funds. Linkedin: www.linkedin.com/in/francescomureddu What is the nationality of each team member? Andrea - Italian, Francesco – Italian. Please tell us about your interest, expertise and experience in cybersecurity. Our core competencies are Ethical Hacking, IT security, Vulnerability Assessment and Penetration Testing. We were working in this areas for many areas and gained an extensive experience in this field. Our CEO Andrea Bodei for more than 10 years was into System, Network, Web and Mobile App Penetration Testing, Ethical Hacking, Vulnerability Assessment, PCI-DSS, Security Audit, worked as Team Leader of the Telecom Italia’s Tiger Team, as Information Security Crime Investigator/Forensics expert for police and corporations, has previous experience in Fraud Management, possesses an extensive knowledge of Intelligence and investigation principles and methods, custom virus writing, microspy search and data logging, wiretap and data logging for police and governmental consulting. How long have the founders known one another and how did you meet? We were friends for more than 10 years and then started working together in Spain. Please tell us in one or two sentences about the most impressive thing other than this startup that each founder has built or achieved. We created OKIJOB, an app very popular in Spain to find and offer services (cleaners, babysitters, plumbers etc): http://www.okijob.com PROBLEM AND SOLUTION: What problem/need are you trying to solve? Vulnerability Assessment is obligatory for millions of companies to comply security standards like PCI-DSS, Basilea, ISO9000, ISO 7000 etc, but there are only few software in the market to perform it. What is the solution you're proposing? Customer are forced to do a Vulnerability Assessment to comply some standards, to do that they can ask a security company that will run a Vulnerability Scanner in their infrastructure or they can buy a Vulnerability Scanner theirself. We have a Vulnerability Scanner (there are only 4 decents in the entire market). It focuses on the problem of network vulnerabilities, the servers, computers, appliances network, etc. INFRA is intended to improve security infra structure internal network (LAN) or external (Internet). Focusing on prevention as pricnipal mechanism to ensure safety of our customers. The scanner simulates a malicious user attacking and probing see results which are not part of set of expected results. Is capable of scanning HTML, XML, ASP, ASPX, .NET, JAVA, JS, JSP, PHP, Python, Ruby, AJAX, Flash, SOAP or any including other web application with with and without authentication (either with unknown credentials configured by the user) and double AUTHENTICATION (CAPTCHA, ReCAPTCHA, Google Authenticator, SSO, etc.). What's new about your solution? Basically the concept of Vulnerability Scanner has already 15 years, but only 5-6 players are in the market sharing around 40 millions clients. We have a better product, easy to use, deeper in the results, and it is available in many languages. Why did you pick this idea to work on? Do you have domain expertise in this area? How do you know people need what you're making? I'm Ethical Hacker, this is the software all ethical hackers would want, so I've created it. How far along are you? If you're launched, what is your monthly growth rate (in users or revenue or both)? The platform is ready and we already signed contracts for 1 million dollars. How long have you been working and how many lines of code (if applicable) have you written? Around 20 megabytes of source code and 1 gigabyte of binaries with libraries. CUSTOMERS: Briefly tell us what your product does. A platform to automate the Vulnerability Assessment, that is the action to verify all vulnerabilities in a network. VA are obligatory for millions of companies, but tools only do partially the job and analysts are normally required, we automate all. Who are your target customers and/or users? Enterprises with a security team. It means all Banks, Telcos, ISPs Internet Companies. We offer our help to all of those large enterprises, government institutions, banks, security companies that are obliged to comply with security standards. There are millions of companies who would need our platform to facilitate security check processes and make them automatic. Nevertheless, there are only 5 players on the market offering similar, but not so complete and profound, solutions. What is the problem you are solving? We find the vulnerabilities of your network before the hackers do it. We do it all automated, so you don't need external consultancy. Vulnerability Assessment is obligatory for millions of companies to comply security standards like PCI-DSS, Basilea, ISO900x, ISO700x etc, but there are only few software in the market to perform it. How are your customers solving that problem today? They can use limited vulnerability scanning tools, that cannot automate all process, so they need a security team or external consultants. How many customers / users do you have? Already signed a contract with Qatar (QatarGas), Already signed 3 contracts with Romania (European Union projects) and recently with Peru (Telefonica). Explain how you find and acquire customers We are developing a network of reseller in Italy, Spain, Peru, Mexico, USA and Middle East. What are your customer acquisition costs? We need an average of 4000usd to acquire a new customer, especially traveling. What is your customer lifetime value? A customer by the product and renovate it for an average of 7 years. In average the customer value is 210k YOUR PRODUCT/SERVICE: Describe your business idea/product in a sentence INFRA is a series of platforms that automatically analyzes networks, servers, appliances and webs to detect the vulnerabilities and report the solutions. What is your company going to build? A Security and Vunerability Scanner. What stage are you at? Is it still an idea? Do you have a live beta and trial users? Are you launched? Tell us a little about where you're at We have already launched our product and started generating first revenue. Why did you pick this idea to work on? Tell us about any specific domain expertise or experience your team has in this area We work as penetration testers and in our daily job we needed a similar software, so we developed it. What's new about what you're making? How do you see it advancing cyber-security? Our scanner finds more vulnerabilities than the competitors, it is user-friendly and available in many languages. Our core competencies are Ethical Hacking, IT security, Vulnerability Assessment and Penetration Testing. We were working in this areas for many areas and gained an extensive experience in this field. Our CEO Andrea Bodei for more than 10 years was into System, Network, Web and Mobile App Penetration Testing, Ethical Hacking, Vulnerability Assessment, PCI-DSS, Security Audit, worked as Team Leader of the Telecom Italia’s Tiger Team, as Information Security Crime Investigator/Forensics expert for police and corporations, has previous experience in Fraud Management, possesses an extensive knowledge of Intelligence and investigation principles and methods, custom virus writing, microspy search and data logging, wiretap and data logging for police and governmental consulting. How do you know people or businesses want what you're making? What have you done to test your assumptions? Because we would be the first clients of this product. Anyway all companies we are proposing it are entusiasts, I think that who try it wil buy as it's very usefull. Who are your competitors, and who might become competitors? Who do you fear most? Qualys Guard is the only competitor, but they are not good in application scanning and they skip some parts of the assessment, including the verification exploiting the vulnerabilities, that is obligatory by compliance. We included the software of some competitors inside our product (offering a licit licence to our clients) including Tenable Nessus and Rapid7 Nexpose. The main competitor is Qualys Guard, but our product shows more results. There are other competitors like eEye Retina and Saint, but they have horrible products. Tenable Nessus: www.tenable.com/products/nessus-vulnerability-scanner Rapid7Nexpose: www.rapid7.com/es/products/nexpose/ Qualys Guard: www.qualys.com/enterprises/qualysguard/vulnerability-management/ Qualys is the most similar to our product. Nevertheless, INFRA detects more vulnerabilities, it is user-friendly and available in many languages. Our platform can integrate Nessus and Nexpose. What do you understand about your business that other companies in it just don't get? Other security Companies sell consultancies, They use a product like our product, and give consulting, but consultancy is not scalable (more activities they have, more recurses they require), While selling the product is totally scalable (in a software, the cost of selling 1 million licences is not really much more than sell only 1 licence, at least considering only the cost of producing the product). How do or will you make money? How much do you think you could make? A full license costs 14keur (for corporations or consultants) and a 1 single scan license costs 250eur (for web masters). I'd like to start selling one or two full licenses at month and in few years sell every days. If you have an online demo, what's the URL? http://www.infrascan.net/demo COMPANY DETAILS: In which city and country is your company based? Where are the founders currently living? The company is based in Wilmington, Delaware, USA. The founders work from Barcelona, Spain. Please tell us about the share ownership of your company. There were created 2000000 of shares, 1000000 of which have already been issued with the next percentages. Francesco has 2%, Andrea has 80%, MACH37 owns 8% and 10% are in stock options. Was any of your code written by someone who is not one of your founders? Please explain if so. Also, are there any possible IP issues regarding your company? Some code is written by our team, some is opensource. Have the founders taken any previous investment or funding with regards to this company? If so, please name your investors or the sources of funding, and the amount(s) received. The Universidad Politecnica de Catalunya (a university) is evaluating to fund us. TRACTION: What phrase best describes the stage of your company? Predictable, recurring revenue. Please explain your answer to the previous question Our product is already launched and functioning, We have a Telco and a Government already paying. What progress have you made in the last six months? We completed the development, created the Corporation, acquired some seed investment, acquired two big customers and now we are profitable. What steps have you taken to validate the market? We worked for many years in IT security as Ethical Hackers and Pentesters. Our product is indispensable to cover the needs of many companies obliged to comply security standards. What is your revenue model? How does your company make money? We rent an Hardware with the licenced software inside in two solutions of 50k, small and 800k big machine. After one year the client pays again to renovate the licence but with a discount of 50% as we don't need to buy hardware anymore. If so, how much revenue in your startup's lifetime? $60000 How much revenue in the last month? $30000 HISTORY & FINANCIALS: What date did you start this company? September 5, 2016 What type of entity is your company (e.g. LLC, C-Corp, etc.) Delaware C-Corporation What is the total amount of money invested to-date in this startup? $90000 What is the current monthly cash required to pay all founders, employees, and expenses (i.e. gross burn)? $5000 What are the terms of your current raise? in 2017 we will raise 500k and 1Million during the year COMPANY INFRA is a new company, but it has already achieved a big client and a first investment. Currently they are working very important proposals for corporate and government clients.

Doing all steps of the Assessment, INFRA is faster than the analysts and you can save time and money. INFRA is just better!

See What We Do

What does OUR TRIBE say?

The best hackers and programmers love our easy going environment and we are continuously looking for new people. Move with us in Barcelona or in Washington DC, it will be amazing. Be part of OUR TRIBE!