Interview With Vivek Ramachandran Founder of Security Tube.net
1. Can you introduce yourself to Security Kaizen Readers? (your biography, experience, …etc)
My name is Vivek Ramachandran, I am the Founder and Chief Trainer at SecurityTube.net. I discovered the Caffe Latte attack, broke WEP Cloaking, a WEP protection schema in 2007 publicly at Defcon and conceptualized enterprise Wi-Fi Backdoors. I am also the author of the book “Backtrack 5 Wireless Penetration Testing“. My book “The Metasploit Megaprimer” focussed on Advanced Metasploit usage for Pentesting and Exploit Development is up for release in June 2012.
I currently run the SecurityTube Wi-Fi Security Expert (SWSE) and the SecurityTube Metasploit Framework Expert (SMFE) online course and certifications which are currently being taken by students from over 40+ countries around the world. I also conduct in-person trainings in the US, Europe and Asia.
In a past life, I was one of the programmers of the 802.1x protocol and Port Security in Cisco’s 6500 Catalyst series of switches. I was also one of the winners of the Microsoft Security Shootout contest held in India among a reported 65,000 participants. I had also published multiple research papers in the field of DDoS, ARP Spoofing Detection and Anomaly based Intrusion Detection Systems. My work on wireless security has been quoted in BBC online, InfoWorld, MacWorld, The Register, IT World Canada etc. places. I had spoken/trained at top conferences around the world including Blackhat USA and Abu Dhabi, Defcon, Hacktivity, Brucon, ClubHack, SecurityByte, SecurityZone, Nullcon, C0C0n etc.
2. Can you give us more information about your web site “securitytube.net” (its goal, services provided,…etc)
SecurityTube.net was founded in 2007 to serve as a platform for security knowledge sharing using videos. Today, we feel we are positioned to build an information security knowledge portal around securitytube which will be free for everyone to use.
3. What made you take the Free Information Sharing Route instead of selling your knowledge?
I grew up in India living with my grandparents. My grandmother was a teacher in a city school and in the evenings she used to teach poor students for free. She always felt that if quality education could be provided to one and all, without a bias towards who can afford or not, then the world would be a better place. This value system stuck with me forever and has been the guiding light to me in making quality content free to one and all. I am proud to announce that SecurityTube is the only infosec training company which provides its core content for free to everyone and only charges when you want to certify.
4. When did you start securitytube.net and how did the idea come to your mind?
During my interaction with students and infosec enthusiasts, I found that most of them could not find quality learning material for free and thus found it very difficult to enter the field. There were good quality courses and certifications available even back then, but the cost was exorbitant. I thus decided to start ST to create a free yet valuable knowledge resource.
5. What Problems did you face at the beginning?
In order of difficulty:
• I used to make large videos, but my Internet connection in India was so slow that I could not upload the videos Had to really work to bring down the video size.
• My accent was difficult to follow for many, but now I’ve managed to try and have a neutral accent as much as possible
• Hosting and Video bandwidth was very expensive and I had to really cut down on my expenses to fund the site from my own pocket.
6. When did you feel that securitytube.net idea will boom ?
I really don’t know. Infosec has become more important than ever today, and thus infosec education is definitely a MUST HAVE for most, rather than a good to have. I am just happy people enjoy the site and the videos.
7. Did you make any marketing for your website or it is just the word of mouth that brought you traffic
In the beginning, I used to cross post my videos to various forums on the Internet to get people to use. I never spent a $ on any formal marketing. Today, most of the links posted on the Internet are by our visitors and thus drives our traffic.
8. Do you have a team behind that amazing work or it’s only you?
Till the time I was running ST as a side project, I was pretty much alone with help from some community members like Amit Vartak, Vitomir, Prateek, Andrew, Bennett.
Once i decided to offer certifications, I had my old friend Shubhi Saxena join me as a partner and then we hired our first engineer Ashish to help build the site further.
We are still continuing to get part time help from our friend Bennett, Prateek and others.
In my mind, all the visitors to SecurityTube are our extended team. I really wish to meet all of them someday face-to-face.
9. can you give us some statistics about your website now e.g number of videos uploaded, number of users watch your videos per month,… etc
We get over 100,000+ unique visitors per month and have averaged around 1 million unique visitors in the past year. We have over 15,000 registered users and around 100 unique uploads per month.
10. What do you ask from Security Kaizen readers to do regarding securitytube.net ? (More comments about your videos, upload more videos ,..etc)
I would request your users to use the website, download all the free content and our courses and share them with everyone. If they are good in a particular topic in Infosec, then they could even make videos and share it with others.
11. Why did you choose Metasploit to be your first Certificate and do you get any support from Rapid7?
Our first certification was the SecurityTube Wi-Fi Security Expert (SWSE) and born out of the lack of quality practical certifications in the field of Wi-Fi security. Also, most people had a misconception that Wi-Fi Security is all about WEP cracking, when it is actually way beyond that. This is what the course illustrates.
Metasploit is a fantastic tool and we wanted to leverage it to show what are the fantastic things one can do with it during a pentest. The SecurityTube Metasploit Framework Expert (SMFE) is a SecurityTube offering, Rapid 7 or the Metasploit team has no involvement in it. We are however very thankful to them for creating such an amazing tool. With the Metasploit tool, we also launched our online live labs where we have a dozen vulnerable machines which our students can exploit and learn new techniques at their own pace.
12. What is your plan for 2012.Are you thinking of new certificate or any improvements in securitytube.net?
We are planning to line up a couple of new certifications and also re-design the whole website Stay tuned and keep coming to the site for it
13. What is your Comment about Security Kaizen Magazine? And what is needed to rank it as one of the best magazines in Information Security field in the world?
You have a fantastic magazine in place with a motivated team pushing it. I am sure that Security Kaizen will emerge as one of the better magazines in the world.
The most important task is to ensure that you create and publish new and relevant articles so that your readers look forward to every edition.
14. In your opinion, what are the top 5 magazines in the Security World?
Every magazine has its own merits and demerits. Having run a community website I know it takes a lot of effort to create something and put it in front of the world. In this spirit, I personally would like to encourage everyone rather than create a top 5 list
15. Which Security Conferences are you keen to attend every year?
Defcon for sure. I love the crew and friendly atmosphere at Brucon, SecurityZone and Hacktivity. These are definitely must-attends for me.