The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

Keynote from PolySwarm CTO at DEF CON: Blockchain-Security Symbiosis

Aug 20, 2019 4:20:04 PM / by PolySwarm Team

Cybersecurity and blockchain technology share a symbiotic relationship. On one hand, blockchain ecosystems that aren’t secure, aren’t useful. On the other hand, blockchain technology unlocks new options for securing systems, infrastructure and more.
 
PolySwarm Co-Founder and CTO Paul Makowski was invited to give the Day 2 Keynote talk at DEF CON Blockchain Village (2019) in Las Vegas. DEF CON (which follows on the heels of Black Hat) is one of the most well-known hacker conferences in the world, bringing together security researchers, cybersecurity experts, and other infosec people from around the world. Makowski presented
a thought-provoking talk examining blockchain and security from both sides of the coin: a look back at advances (and missteps) in securing blockchains and a look forward to security applications of blockchain technology. Watch the full presentation here: 
 
 
***
PolySwarm, as an example, uses blockchain as its underlying technology to facilitate and execute what we call a ‘threat bounty’ while also providing malware-detection performance transparency.
 
Here's a deeper explanation of PolySwarm and how it works:
 
The PolySwarm marketplace is a free community made up of a crowdsourced network of security experts and antivirus companies' malware scanning engines; these experts and companies get rewarded (via payment facilitated and tracked on the blockchain) when they correctly assert on a potentially malicious file or URL that someone - lets say a security analysts at an enterprise using PolySwarm - submits into the PolySwarm marketplace. This system of a monetary reward in exchange for a correct assertion about a threat, is a 'threat bounty.' The threat bounty is made possible by blockchain in order to 1.) distribute payment to the malware engine/s that correctly assert and 2.) store the history of the performance of the malware engines on the PolySwarm marketplace. This allows for full transparency of engine performance and immutable results that can never be altered of changed. See engines in action, competing on PolySwarm, here. 

Threat bounties - like familiar bug bounties - tap into the concept of crowdsourcing and leveraging the wisdom of the crowd to get wider perspective on threats, allowing enterprises to expand their internal security teams with diverse and specialized expertise in a cost efficient way. Threat bounties use economic rewards (facilitated through the blockchain, at speed and scale) and include a competitive component to incentivize accuracy and quality outputs.

 
PolySwarm CEO Steve Bassi sums up why PolySwarm and its decentralized system is needed: 
***
 
Connect with PolySwarm here:  
 

Topics: Explained, PolySwarm, Blockchain, Threat Bounty, Speaking, events

PolySwarm Team

Written by PolySwarm Team