Ola Open Sources ‘Jackhammer’ – A First of its Kind Comprehensive Vulnerability Analysis and Management Tool
According to a recent report by VMware, nearly 80% of the product companies experience increased cyber attacks and security vulnerabilities for their products. While some product companies have tried to address this challenge by offering financial rewards to researchers who help them identify vulnerabilities, the cost and complexities involved in this process may not be suitable for many companies, especially start-ups. Privacy and security of customer data is taken very seriously at Ola. Some of the best talent at Ola have built this platform to ensure that there is no scope for missing any potential threats. By open sourcing Jackhammer, Ola has taken a step towards building a cost effective solution for all technology companies to efficiently identify and address vulnerabilities existing in their applications/code/network.
Speaking on the development, Shadab Siddiqui, Head – Security Engineering at Ola said, “As a homegrown technology company, we realize the importance of building security infrastructure that will help efficiently address vulnerabilities that may exist in product application, and there was a serious need for such a tool in the developer/security community. As part of the growing technology ecosystem in India, our aim is to share our knowledge and expertise to help other companies address similar challenges by using our application that is built to provide a comprehensive picture of all vulnerabilities, eliminating the need to shuffle between platforms. We have already reached out to a few of the leading product companies with Jackhammer and they are excited with the prospect of benefitting from our application.”
Key features of Jackhammer include:
- A collaborative tool between those focused on security, developers, quality assurance, Technical Program Managers (TPMs) and senior leadership (now even senior leadership can have a view of their company’s security protection and protocol)
- Complete RBAC (Role Based Access Control) to make sure everyone has required privileges
- Quick integration with third party (open/ commercial scanner) tools, for seamless experience
- The in-built vulnerability management capability is integrated with the ticketing system, with just one tool users will have a comprehensive idea of the security and hygiene of their organization
- Jackhammer can run all kinds of scans (on source code, web apps, WordPress, mobile apps, and networks, etc.) from one place and track them to closure
Ola is committed to supporting the growth of entrepreneurialism in India. Open sourcing Jackhammer signifies this commitment towards supporting the entrepreneurial tech community with free software assistance. Jackhammer is the first open sourcing tool to address and scan all kind of security vulnerabilities – source code, web , mobile, and cloud and provides a comprehensive report that identifies all possible threats. Jackhammer shows the spread of vulnerabilities across all these levels and provides a complete overview of the level of security the tool maintains with respect to vulnerabilities in its code, allowing security teams to understand the complete picture and streamline efforts to mitigate vulnerabilities.
Founded in Jan 2011 by IIT Bombay alumni Bhavish Aggarwal and Ankit Bhati, Ola (formerly Olacabs), is India’s most popular mobile app for personal transportation. Ola integrates city transportation for customers and driver partners onto a mobile technology platform ensuring convenient, transparent and quick service fulfillment. Ola is committed to its mission of building mobility for a billion people. Using the Ola mobile app, users across 110 cities can book from over 600,000 vehicles across cabs, auto-rickshaws, and taxis. Ola has also introduced a range of shared mobility services on its platform like Ola Shuttle and Ola Share for commute and ride-sharing respectively. The app is available on Windows, Android and iOS platforms. Please visit www.olacabs.com and www.olacabs.com/media for more information.