Interview with Dennis Maina, Founder of DentriceDev Solutions

Shauli Zacks Shauli Zacks

SafetyDetectives spoke with Dennis Maina, founder of DentriceDev Solutions, about what motivated him to start his company, the cybersecurity challenges that he faces while developing websites and apps, and the necessary steps to recover a hacked website.   

Can you talk about your journey and how you started in IT and
development?

My progress was slow and steady because I was also improving other parts
of my life that have helped me become a better person and ultimately a
better developer. Now that I am a Software Engineer, I get to work with
amazing teams from all over the world. To wake up every day knowing that
I get to do what I love is what has kept me motivated along the way.

Unlike many Tech Gurus who “started coding” when they were 5, I only
knew about the computer world and the infinite possibilities it holds
while I was searching for a course to do for my degree. That’s when I
stumbled upon the Software Engineering course, not knowing what it
entailed but decided to give it a shot. Having no prior experience with
code, I felt lost and didn’t understand the value of the concepts of
algorithms and computer designs/systems. It felt as though the program
was geared toward people who already knew how to code.

After two years when I finally had a grasp of these concepts and had a
working coding knowledge in web design, I decided to launch a web design
company and invited a few classmates to join me in the development work
part-time as a side hustle.

Getting the first client was the biggest hustle having no proven track
record and having strong companies to compete with yet with minimal
knowledge. When we finally landed our first client (Gendynasty(not in
business now)), they gave us hope by giving us a chance to show what we
can do. We delivered an amazing website and they ended up referring
other clients to us.

And that marked the beginning of an amazing adventure of exploring the
limits of technology. And with that, DentriceDev Solutions was born.

What motivated you to start DentriceDev Solutions?

The idea of creating something from the ground up has always resonated
well with me.

At the start, DentriceDev Solutions was created to earn extra money as a
sophomore to handle the crazy university tuition and expenditures.

What are some of that main services that DentriceDev Solutions
offers?

DentriceDev Solutions offers services ranging from;

  1. Web Application development.
  2. Mobile Application development.
  3. Digital Marketing
  4. Server Management.
  5. website maintenance.
  6. IT Consultancy.
  7. Search Engine Optimization.
  8. Outsourcing Services.

What are some of the cybersecurity challenges that your team faces
when building websites and mobile apps?

When building websites with forms, we’re always careful in handling
user-submitted data and make sure it undergoes proper sanitation to
prevent SQL injection attacks.

Another general challenge is that of an insider attack where an employee
with malicious intent can expose confidential data to an unintended
audience. To handle this we make sure our ACL gives each user minimal
permissions to only perform what they are supposed to do.

When it comes to mobile apps, one of the greatest threats is reverse
engineering, especially subscription-based systems when an attacker can
reverse engineer to figure out a way to bypass the measures in place.
another issue is insecure communication which is often overlooked when a
developer sees some communication as unimportant and fails to encrypt
it, then it turns out in hindsight that it was important after all.
In general, DDoS attacks are the most common type of attacks that we
face daily. Despite setting up throttling in our API endpoints, we
advise our clients to pay for services like Cloudflare to add a layer of
protection against such attacks or host their entire application
back-end on AWS and set up WAF and Shield Advanced to protect their
systems.

What are some of the best tools to secure a website from hackers?

The most critical tool is writing clean and secure code. And since no
code is purely unbreakable, external tools come into play.
Some of the tools we utilize include Cloudflare and AWS. These come in
handy while protecting against DDoS attacks.

How can a small business owner reclaim a website that has been
hacked?

  1. The first step would be to inform your hosting provider about the
    incident. In most cases, the hosting provider will be able to know how
    to fix the problem much better than you.
  2. Take the site offline. Next, you should take the website offline to
    analyze the damage and the affected pages. This will give you a better
    chance of finding where the intruders got into the system and removing
    their malicious code.
  3. Assess the damage. If your site holds sensitive customer data, make
    assess the damage to know what has been compromised to take the
    appropriate steps in recovering and securing the data better.
  4. Identify the vulnerability. You’ll need to identify the vulnerability
    and patch it before bringing your site back up online.
  5. Server cleanup. After all is done, it’s essential to clean up the
    server to remove and correct damage to the file system that might have
    been caused, restore backups that were created before the site was
    compromised, and do software updates.

From an online security perspective, is it better to use a platform such as WordPress, which has built-in security and plugins, or a custom-built website?

A custom-built website has better security than WordPress.
When using WordPress, there’s a better chance that most or some of the
plugins your website is using are vulnerable to an attack or have been
placed strategically by an attacker masquerading as legit work.
Also, WordPress uses MD5 to hash sensitive data, which is one of the
weakest algorithms to break from an attacker.

About the Author

About the Author

Shauli Zacks is a tech enthusiast who has reviewed and compared hundreds of programs in multiple niches, including cybersecurity, office and productivity tools, and parental control apps. He enjoys researching and understanding what features are important to the people using these tools.