The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

PolySwarm Team

Find me on:

Recent Posts

QiAnXin joins the PolySwarm marketplace

Sep 1, 2021 8:30:21 AM / by PolySwarm Team posted in Partner, Engine

0 Comments

"As a unique malware detection and threat intelligence data platform, PolySwarm's crowdsourced model substantially improves the ability to explore, enrich, and mine malware data, which directly benefits the infosec community. Qi An Xin is excited to partner with PolySwarm to continue to innovate” Liejun Wang, Director of Threat Intelligence at QiAnXin.


QiAnXin has integrated with Polyswam its RedDrip APT scanner (RAS), a detection engine with the ability to scan files and determine the APT group behind the attacks. RAS engine uses a custom file that contains malware patterns to identify the corresponding APT Groups. The insight comes from monitoring and tracking conducted by the RedDrip Team researchers and analysis systems.

“We welcome Qi An Xin as a new participant in PolySwarm’s marketplace. We strive to bring specialized engines that contribute to the ecosystem, and Qi An Xin’s RedDrop APT scanner brings unique insight into Chinese malware and the actors behind them” stated Steve Bassi, CEO of PolySwarm.

About Qi An Xin

Read More

Security Telemetry: New utility use for Nectar (NCT)

May 17, 2021 3:05:27 PM / by PolySwarm Team posted in Explained, PolySwarm, Blockchain

0 Comments

Today we introduce a new utility use for PolySwarm’s Nectar token for average users: distributing rewards for security-relevant data about TLS certificates, DNS resolutions, and potentially malicious files encountered in daily computer use. Many of these telemetry sources are already collected from user devices by Antivirus (AV) providers. Still, there are a number of serious issues with how they are collected, how users are compensated for their information, and how these results are shared. By re-imagining how this marketplace works, we can increase collection transparency, fairly compensate all participants in the marketplace, and, most importantly, create a more unified source of security telemetry that will better protect users worldwide.

In our original whitepaper, we discussed the fragmentation of the AV market and how, in its current form, this fragmentation leads to worse outcomes for users in the marketplace. However, this fragmentation is not limited simply to the world of scanner providers: it affects many other parts of the security industry as well. As we built the PolySwarm marketplace, we realized that many of the disparate pieces of security information our customers were trying to connect are often ones that exist, but in practice, are inaccessible due to the fragmentation of the market.

To attack this problem, we are extending our original design and adding a decentralized marketplace for security telemetry. Users will install a browser extension and, later, a system daemon that reports their telemetry, using privacy-sensitive data structures. Telemetry reports are received by Aggregators and are associated with a reporting user’s wallet, allowing querying by PolySwarm’s cyber security focused consumers who pay for query hits in NCT. Everyday users get paid to provide this telemetry, and, Aggregators and backers with NCT get rewarded for timely telemetry that highlights high-priority attacks and under-the-radar malware campaigns.

This new marketplace provides immediate benefits to all participants. Users get more control over their data and are actually compensated for the value they provide, as well as receive early warnings about threats they have encountered. Aggregators are no longer dependent on their own install base for data and earn NCT for providing query computation and telemetry validation. Stakers help the network determine the most useful sources of telemetry and help reduce the threat of spam on the network, for which they also earn a portion of NCT. Finally, Consumers will now be able to access a truly worldwide network to find the data they need to identify and fight emerging threats.

At PolySwarm, our mission is to bring the security community and users worldwide together to fight malware. By leveraging Ethereum’s global, decentralized network, our new marketplace will greatly further our efforts to bring these groups together by enabling (and incentivizing!) everyone to help solve this difficult problem.

Read the whitepaper here

Read More

SentinelOne joins the PolySwarm marketplace

Apr 8, 2021 12:17:20 PM / by PolySwarm Team posted in Partner, Engine

0 Comments

 

Read More

Kaspersky joins PolySwarm’s marketplace as an arbiter

Apr 1, 2021 1:33:30 PM / by PolySwarm Team posted in Partner, Engine

0 Comments

Read More

Progress to date and key milestones ahead

Mar 26, 2021 11:56:41 AM / by PolySwarm Team posted in PolySwarm, Product

0 Comments

The last 12 months have been intense yet very productive for PolySwarm, as we have scaled our platform, fast-tracked user acquisition and released new key features.
Let’s do a quick recap of what we’ve accomplished before we get into what lies ahead of us.

Read More

Inlyse joins the PolySwarm threat intelligence marketplace

Feb 8, 2021 11:12:59 AM / by PolySwarm Team posted in Partner, Engine

0 Comments

“We are proud to be partnering with Polyswarm, and being part of their launchpad for new technologies and innovative threat detection methods” stated Julian Ziegler, Co CEO of Inlyse.

Read More

Cyberstanc joins the PolySwarm threat intelligence marketplace

Oct 29, 2020 11:21:40 AM / by PolySwarm Team posted in Partner, Engine

0 Comments

"Cyberstanc is thrilled to collaborate with Polyswarm's initiative of creating a fully crowd sourced malware detection platform.” said Cyberstanc Founder and CEO Rohit Bankoti. “We strive to address latest challenges with constant innovations and hope to deliver benchmark cybersecurity posture for the community"

Read More

Introducing PolyScore™, the most advanced threat scoring algorithm for malware

May 18, 2020 12:27:03 PM / by PolySwarm Team posted in Product

0 Comments

PolySwarm announced today the release of PolyScore™, a threat scoring algorithm that provides the probability a given file contains malware in a single, authoritative number.   

Read More