Established in 2004 Started in security consulting Moved to product sales with SSL Certificates (This should be mentioned only on a need base only, depending on the audience) In 2010 introduced our flagship product for Website and Web Application Security – IndusGuard. This SAAS segment has contributed to high growth of our business Growing Profitably and are still privately owned This helped us win a lot of recognition from the industry Indusface today has 400+ customers, 150+ customers use IG. Our customers are based in India, Middle East, Asia Pacific and North America (optional line) We have a global presence with offices in Ottawa Canada, Mumbai, Bangalore and Vadodara , Dedicated Development Centre in India. We have vast in depth experience in security, having experts who have worked for Entrust, Trend Micro/Third Brigade, and renowned advisors from the security industry Mutually exclusive but collective experience in security

Websites today are connected to multiple access points such as web servers, databases, content management systems and networks, users, customers and partners portals, image banks etc. making them much more vulnerable and open to exploits than ever before. The web is expanding No of websites are expanding The nature of transactions is increasing All this results in security being a key factor to enable business on the web Note – IG is for public facing websites. Manual Service is done for internal web applications Most of the world is on the web today. In the past decade, websites have ceased to be a place purely for information. They have become significantly versatile, enabling us to do business, transact, procure, and stay informed and connected. This versatility in appearances may be simple. However beneath it the entire web world is extremely complex. This complexity has increased hundred folds ever since websites have diversified into web and mobile applications which are being access via portable and non portable devices. Websites need to stay connected to hosted web servers, multiple databases, content management systems and networks, users, customers and partners portals, image banks and multiple devices of access. Multiple access point for the innumerable features on websites and web applications makes life extremely difficult for web security teams, whose job is to ensure that all information security priorities and compliance norms are well within control.

To add to this, businesses are constantly changing the web application content, design and code either due to competitive pressure or introducing new offerings or promotions or purely updating information. Frequent change is always a challenge, more so for web application security teams as they have no control over these necessary modifications, updates or upgrades. Given the frequency in which these changes occur, most of the time, these updates are not in sync with the security norms in place. Hence there is a constant disconnect between the web application development and web security teams. Budgets allocated to address web application security needs still continue to be minimal compared to spend on network security. This continues, despite the fact that 75% of most attacks take place in the application layer, which hackers are well aware of.

431 million adults were victims globally in the past year, with costs of cybercrime surpassing the combined global black market in marijuana, cocaine and heroin. 54% of online adults have experienced viruses or malware. Norton/Symantec During 2010, the average website had 230 serious* vulnerabilities. – Whitehat DDoS attacks increased by 30 percent in 2010 . Gartner http://www.csoonline.com/article/700263/the-15-worst-data-security-breaches-of-the-21st-century http://www.securitynewsdaily.com/455-websites-hacked-government-commercial-cybercrime-2011.html Hackers are a very savvy group who are well aware that any kind of information they gain access to is highly valuable. They are always ever ready with their targeted, sophisticated threats which recur on a daily basis, yielding them immense profits. Thus with these kind of hostile online threats, there is a phenomenal urgency for better comprehensive management and control of website and web application security. Indusface addresses this critical need for with its flagship product – IndusGuard.

All it takes is for a hacker to inject malicious code into a website. This code can either redirect the user to a fake site to capture sensitive information or it can bring the website down , or it can deface a website. This is just an example, there are many more hostile activities taking place out there which are use for nefarious purposes. Over 80% of all websites have serious vulnerabilities!

Snapshot of our customer base across industry verticals Biggest vertical for us is the BFSI segment – they manage a lot of financial transactions which always needs to be secured We have some of the biggest brands using IndusGuard 11 of the Fortune 500 7 of the Top 10 Banks 6 of the Top 10 Insurance companies 5 of the Top 10 E-Commerce Sites 5 of the Top 10 Technology Companies 5 of the Top 10 Government Organizations Now lets look at the web landscape

Broad Coverage of Security Issues IndusGuard detects and reports vulnerabilities related to application, operating systems, and network, offering a wide ranging and deep web security cover which adheres to globally accepted best practices and standards from OWASP, OSSTM, SANS and WASC. In Depth Website Scanning Using its enhanced web spidering and analysis capabilities to analyze all types of websites, IndusGuard identifies vulnerabilities throughout the entire application, scanning the browser and server-side components, and other third party applications for risk exposures. Daily Scanning Without requiring any changes to websites and web applications IndusGuard conducts nonstop daily checks on websites for system and application vulnerabilities, and malware ensuring that customers are safe guarded from the fast growing, complex and sophisticated malware attacks. Flexible and Easy to Manage cloud based software Since it is built on the cloud, IndusGuard provides immense flexibility to the customer by enabling access online, role based access, grouping of websites, customizable dashboard and reports making access available anytime and anywhere. Cost Effective Transformational Technology IndusGuard has been developed to address all forms of security management requirements and budgets, from the most basic to the most sophisticated, thus enabling you to get the right security fit, whilst saving costs and precious time, and offers smooth scalability between upgrades at any point in time.

TOTAL WEBSITE SECURITY COMPANY OVERVIEW WEBSITE SECURITY INDUSGUARD PRODUCT CUSTOMERS & PARTNERS OUR DIFFERENCE

400+ customers worldwide, includes Fortune 500 7 of the Top 10 Banks 6 of the Top 10 Insurance companies 5 of the Top 10 E-Commerce Sites 5 of the Top 10 Government Organizations 4 of the Top 5 Enterprises Company Profile BUSINESS Website and Web Application Security Founded in 2004 STRONG FINANCIALS Privately owned, profitable company in a high growth business CAGR of more than 84% since inception EXPERIENCED MANAGEMENT TEAM Offices in Bangalore , Mumbai, Vadodara, India | Ottawa, Canada 60 Employees EXPANDING GLOBAL FOOTPRINT AWARDS LONG TERM CUSTOMER RELATIONSHIPS

Complex – is the nature of most websites today Social Network Web 2.0, Ajax Technologies Mission Critical Sites Healthcare Payment Gateways Banking Sites Corporate Websites Basic Shopping Cart Dynamic Sites Static Sites Complex Shopping Carts

Website Security Challenges Constant – are the rapid and ongoing application changes Website application content, design and code changes take place frequently and sometimes daily due to competitive pressure, introducing new offerings or promotions or information updates or business requirements. Control – over frequent change is tough for security teams Business teams take care of website modifications, updates and upgrade requirements and often these changes are not approved through security teams. Misaligned – are budgets between web application security and perimeter security Budgets allocated to address web application security are minimal compared to spend on network security, despite the fact that 75% of most attacks take place in the application layer.

Targeted, Sophisticated, Frequent and Profitable – are the web attacks of today Web Attacks of Today 1.5 million web pages affected by the mass website hack (SQL injection) 15000+ websites were exploited in India in 2011 Web Malware grew by 139% in 2010 75% of attacks take place at the application layer Automation is not always effective without manual configuration or testing activity; manual testing can uncover flaws that are difficult or impossible to find with automated tools

Malicious Code Injected SQL Injection or XSS Visit the Web Site Redirected to Malicious Site Exploit unpatched vulnerabilities Download Malware Anatomy of a Website Attack HACKER Top Website Vulnerabilities SQL Injection Cross Site Scripting Information Leakage Content Spoofing Cross Site Request Forgery Brute Force Insufficient Authorization Session Fixation Abuse of Functionality Over 80% of all Websites have serious vulnerabilities

Vulnerability Assessment Application Scanning Malware Monitoring

Malware Monitoring Find known and unknown malwares Multiple Blacklisting detection Defacement Detection Anti-Malvertising for ad networks and publishers Flexible Notification Real time crawling and real time behavior analysis Authenticated Scanning Web Service API Application Scanning Browser-based scanning, scans the client-side components of the application Scans Web 2.0 apps –analyzes JavaScript, AJAX and Flash applications deployed on your website Daily Scanning for complete coverage Zero False Positives Business Logic Testing IndusGuard Cloud Services Vulnerability Assessment More than 54,500 checks across 14,000+ vulnerabilities Actionable remediation plan and reporting Detects vulnerabilities based on what the system is running Most accurate results with detailed proof

9 IndusGuard Cloud Offerings For static or dynamic websites addressing the fundamental basis for daily cloud based automated security For enterprise and e-commerce web applications needing comprehensive management of web security risk and exposures For mission critical websites looking for broad and in-depth security coverage with expert validation and business logic checks

VULNERABILITY ASSESSMENT APPLICATION AUDIT WEBSITE SECURITY SERVICES SUPPORT FOR MULTIPLE URLS MALWARE MONITORING Security Information Centre Comprehensive customizable dashboard Support for Multiple Websites Role Based Access Control Remediation Guidelines Flexible Reporting and Analytics Global Web Security Practices & Industry Standards

Retail, Travel & Entertainment IT/ITES Healthcare & Insurance Government Conglomerates & Others Banking & Financials Customers & Partners 400+ customers worldwide, includes Fortune 500 Thousands of Web Application and Malware Scans since 2010

Our Difference THE RIGHT PRODUCT Broad and Accurate Coverage of Security Issues In Depth Website Scanning Daily Scanning Flexible and Easy to Manage cloud based software Cost Effective Transformational Technology THE RIGHT COMPANY COMMITTED: Towards delivering the best product and solutions for web application security ATTENTIVE: We continuously fine tune and improve our products & solutions for our customers by attentively listening and proactively addressing their security challenges. EXPERIENCED: Our team consists of seasoned professionals who have a proven track record and versatile experience in security.

013 Thank You VADODARA, INDIA A/2-3, 3rd Floor, Status Plaza Opp Relish Resort Atladara Old Padra Road Vadodara – 390020 Gujarat, India T : +91 265 3933000 F : +91 265 2355820 BANGALORE, INDIA 408, 2nd Floor Regency Enclave 4, Magrath Road Bangalore – 560025 Karnataka, India T : +91 80 65608570 +91 80 65608571 F : +91 80 41129296 MUMBAI, INDIA 1357 / 1359, Regus Serviced Offices, Level 13, Platinum Techno Park 17 & 18, Sector 30, Vashi, Navi Mumbai – 400705 Maharashtra, India. T : +91 22 61214961 OTTAWA, CANADA 137 Goodman Drive Kanata, Ottawa K2W 1C7 Ontario, Canada T : +1 613 721 9363 Sales : sales@indusface.com Marketing : marketing@indusface.com Technical : support@indusface.com HOUSTON, USA 1001 Fannin Street, Ste 1250 Houston, Texas 77002 USA T : +1 832 295 1462