Bolster is an AI platform that automates the detection and remediation of phishing and scam activities across the Internet. Pulse 2.0 interviewed Bolster co-founder and CTO Shashi Prakash to learn more about the company.
Shashi Prakash’s Background
What is Shashi Prakash’s background? Prakash said:
“I am the co-founder and CTO of Bolster, where I have led the company’s engineering efforts since our inception in 2019. I have extensive experience working at the intersection of cybersecurity and AI, with a background in threat research and machine learning. Prior to co-founding Bolster, I was a leading security researcher at Cisco Talos Security Intelligence and Research, where we developed advanced machine learning algorithms to catch billions of spam messages and content.”
Formation Of Bolster
How did the idea for the company come together? Prakash shared:
“I co-founded Bolster in 2017 with Abhishek Dubey, having worked together in the past at the Cisco Talos Threat Research Group. Together, we created a free community tool named CheckPhish to help threat researchers analyze phishing links in real time to help combat the growing surge in phishing attacks. From our free tool we provided to their research community, we realized that organizations not only needed advanced threat detection and analysis, but also automation and takedown services to complete the threat protection challenge. This was how Bolster was born – an AI-powered phishing protection platform that detects and remediates phishing and impersonation attacks across all digital channels.”
“Understanding how and whether impersonation and phishing may be unfolding across web, social, darkweb, and mobile app stores channels is key to detecting attacks and eliminating them as quickly as possible, ideally before they reach an email box. Bolster provides this early warning and precise, automated detection and protection platform if an attack does occur, using AI to better understand and eradicate threats.”
“Bolster is deploying AI for good, using automated detection and eradication of malicious and fake web and mobile websites, app stores, social media accounts, and more.”
Favorite Memory
What has been your favorite memory working for the company so far? Prakash reflected:
“My favorite memory from Bolster so far has to be the sight of the teams’ dedication to working towards a common objective and celebrating victories together along the way. I get to see the passion and hard work of our team every day, and how they pooled their collective skills towards the development of an AI-empowered security solution that’s bringing a safer online environment for global consumers. I’m confident that the continued enthusiasm and spirit displayed by our employees will significantly contribute to the growth and expansion of Bolster for years to come.”
Core Products
What are the company’s core products and features? Prakash explained:
“Bolster has built a comprehensive suite of AI-powered detection and takedown tools to handle each customer’s unique cyber-risk needs and challenges. Our four main platform capabilities are domain monitoring and takedowns, mobile app store protection, social media scam protection, and dark web monitoring.”
“Our Domain Monitoring and Automated Takedown product not only scans the entire internet for lookalike domains and fake sites, but proactively can identify potential variants of a domain to keep businesses ahead of hackers. Once our AI-powered database flags phishing domains, we can instantly take down the threat, and can suggest domains for a team to proactively purchase to protect their domain authority.”
“With Social Media Protection, our technology identifies fake social media accounts, executive impersonation, fake job postings, and more, and will work with social media providers to take down social media scams faster than you can on your own. With our in-house machine learning tool, we can prevent fake pages, logo abuse, fake ads, phishing campaigns, and more from damaging a social media presence.”
“Our Mobile App Store Monitoring provides immediate visibility and control of mobile app store scams targeting a brand. We actively monitor over 500 app stores for uses of a customer’s brand and fake app store postings that aren’t theirs. We take down the fake apps immediately, using our CoPilot technology to reduce the conversation time with hosting providers and dramatically reduce the time a fake app stays active.”
“Our Dark Web Monitoring tool provides our customers with instant visibility into where specific threats exist on the dark web so security teams can act quickly and accurately to protect their data. With visibility into all corners of the dark web, we can provide a team with actionable, business-critical data that is exposed on the dark web, so they can notify victims of exposure and take action to protect their company.”
“Finally, I have to mention our original, but sought-after tool CheckPhish. With CheckPhish, teams can scan URLs for variants of the domain, and gain access to the CheckPhish community. Here, security leaders and technology experts can access real-world conversation and participate in discussion to improve our collective understanding of the cybersecurity landscape.”
Challenges Faced
What challenges have Prakash and the team faced in building the company? Prakash acknowledged:
“I would say our biggest challenge as a company has been differentiating ourselves from the sea of organizations jumping on the AI-bandwagon. Especially within the last calendar year, AI has become the hottest trend, not just in cybersecurity.”
“Bolster has been harnessing the power of Large Language Models and AI-driven solutions since our foundation, so presenting our powerful technology accurately while not getting overpowered by bigger names with bigger claims has been an interesting challenge to overcome. Our team is fearless though, and the technology really speaks for itself. When it comes down to the problem of multi-channel phishing and impersonation scams, and handling the growing scale of threats, our product is really the best on the market, and our customer names speak for themselves.”
Evolution Of Bolster’s Technology
How has the company’s technology evolved since launching? Prakash noted:
“Bolster has been training datasets in-house since 2019 and has trained on over 150 terabytes of structured data. Because of our large, structured datasheets and long history in machine learning, Bolster has perfected our validation scores to minimize any chance of error (less than .001 false positive score), and accurately detect cyber threats as soon as they materialize across multiple channels.”
“We have built our own disposition engine that not only accurately categorizes malicious content online, but we also assign a risk score to match an organization’s given risk tolerance. This allows for organizations to quickly identify a threat, categorize, and automate a response across web, social media, app store, and the dark web – reducing their total attack surface and increasing security hygiene.”
Significant Milestones
What have been some of the company’s most significant milestones? Prakash cited:
“It’s been a truly innovative and inspirational first few years at Bolster. We just hit a major milestone with our Series B funding round, bringing our total funding to over $40 million. We had many moments to reflect on company growth, from opening our office in Noida, India, to reaching the 100-customer mark in early 2023. As someone who works closely with the engineering team, it was great to launch our Dark Web Monitoring Module in 2022 to provide customers with an accurate and actionable tool for monitoring critical data on the dark web.”
Customer Success Stories
After asking Prakash about customer success stories, he highlighted:
“We’ve had the pleasure of witnessing many successes alongside our customers, who’ve used our suite of detection and takedown technology to protect their online clothing buyers, ensure safety for their online gaming communities, and safeguard personal and company financials, just to name a few. Most recently we were able to share the story of how fast-growing athleisure brand YoungLA uses Bolster’s web protection and social media takedown technology to protect their loyal customer base from the onslaught of impersonation scams targeting their brand.”
“With their growing popularity came increased attention from online attackers creating fake websites and ads pretending to sell YoungLA items. Bolster was able to rapidly detect and evaluate threats and automate takedowns through APIs or conversational AI. We were able to take down over 200 fake websites for YoungLA in their first 6 months’ implementation, which truly took the pressure off our contacts on their security team and allowed them to shift their focus back to their own customers.”
Funding
Upon asking Prakash about the company’s funding, he revealed:
“Bolster announced on May 22, 2024, a $14 million Series B financing round led by new investor M12, Microsoft’s venture fund. Existing investors Thomvest Ventures, Crosslink Capital, Liberty Global Ventures, Cheyenne Ventures, Cervin Ventures, and Transform Capital also participated. The financing brings Bolster’s total funding to over $40 million.”
Total Addressable Market
What total addressable market (TAM) size is the company pursuing? Prakash assessed:
“It is evident that the Threat Intelligence Market is experiencing significant growth due to increased investments in R&D by governments and enterprises, as well as a surge in demand for professional and managed security services. Our company can address this growing market, estimated to be about $12 billion in value, by focusing on developing robust threat intelligence solutions that cater to the protection of critical online business infrastructures.”
Differentiation From The Competition
What differentiates the company from its competition? Prakash affirmed:
“Bolster offers a platform that protects against malicious online activity across all the digital channels. The product is divided into the different channels: open web, social media, app stores, and dark web. The product is priced per channel module and based on a SaaS model.”
“Bolster has not only led the way in producing a differentiated AI engine that automates risk remediation but has also continually expanded capabilities delivering a platform that guarantees defense as threats evolve. Digital transformation accelerated by the global pandemic has provided both ease for business operations, but also more opportunities for malicious actors. While tech, financial, healthcare, and e-commerce sites remain prominent targets, there are no industries with an online presence left unscathed by hackers. As organizations continue to adopt more AI-capabilities to do business, it’s imperative to understand evolving risks targeting your business and implement effective solutions to mediate and eliminate online risk.”
“Bolster offers a unique and industry-leading platform that combines computer vision, natural language processing, and deep learning models to mimic how a skilled SOC analyst looks at and categorizes malicious activity online. With 100ms verdicts and 1/100,000 false positives, Bolster’s AI is lightspeed faster than manual work, and more accurate than others on the market. Bolster can detect and takedown malicious activity anywhere on the web, social media, app stores, marketplaces. The Bolster platform saves customers hours to days on takedown and managing digital threats, with an average API-based take down time of two minutes, with 95% of all responses requiring no manual intervention.”
Future Company Goals
What are some of the company’s future company goals? Prakash concluded:
“Our future goals focus on growth on all fronts. We currently have 72 employees and are looking to double the headcount by the end of 2024. We want to continue to grow our AI-backed digital risk solutions and GTM initiatives, strategically prioritizing executive monitoring, business email compromise (BEC) attack detection and takedown, and threat-hunting automation. We want to continue to work with our customers to proactively identify new threat types and how hackers are using AI to facilitate attacks, staying ahead of the curve in multi-channel threat identification.”
