Keynote from PolySwarm CTO at DEF CON: Blockchain-Security Symbiosis

Cybersecurity and blockchain technology share a symbiotic relationship. On one hand, blockchain ecosystems that aren’t secure, aren’t useful. On the other hand, blockchain technology unlocks new options for securing systems, infrastructure and more.

PolySwarm Co-Founder and CTO Paul Makowski was invited to give the Day 2 Keynote talk at DEF CON Blockchain Village (2019) in Las Vegas. DEF CON (which follows on the heels of Black Hat) is one of the most well-known hacker conferences in the world, bringing together security researchers, cybersecurity experts, and other infosec people from around the world. Makowski presented

a thought-provoking talk examining blockchain and security from both sides of the coin: a look back at advances (and missteps) in securing blockchains and a look forward to security applications of blockchain technology. Watch the full presentation here:

***

PolySwarm, as an example, uses blockchain as its underlying technology to facilitate and execute what we call a ‘threat bounty’ while also providing malware-detection performance transparency.

Here's a deeper explanation of PolySwarm and how it works:

The PolySwarm marketplace is a free community made up of a crowdsourced network of security experts and antivirus companies' malware scanning engines; these experts and companies get rewarded (via payment facilitated and tracked on the blockchain) when they correctly assert on a potentially malicious file or URL that someone - lets say a security analysts at an enterprise using PolySwarm - submits into the PolySwarm marketplace. This system of a monetary reward in exchange for a correct assertion about a threat, is a 'threat bounty.' The threat bounty is made possible by blockchain in order to 1.) distribute payment to the malware engine/s that correctly assert and 2.) store the history of the performance of the malware engines on the PolySwarm marketplace. This allows for full transparency of engine performance and immutable results that can never be altered of changed. See engines in action, competing on PolySwarm, here.

Threat bounties - like familiar bug bounties - tap into the concept of crowdsourcing and leveraging the wisdom of the crowd to get wider perspective on threats, allowing enterprises to expand their internal security teams with diverse and specialized expertise in a cost efficient way. Threat bounties use economic rewards (facilitated through the blockchain, at speed and scale) and include a competitive component to incentivize accuracy and quality outputs.

PolySwarm CEO Steve Bassi sums up why PolySwarm and its decentralized system is needed:

“Currently, incident response teams in organizations primarily use VirusTotal as the go-to ‘database’ to determine whether a suspicious file or artifact is malicious, but our platform is more effective for a number of reasons. PolySwarm is differentiated by economic incentives to increase quality and effectiveness of threat identification. Scanning engines in PolySwarm are rewarded for accurate determinations in their fields of expertise, which means enterprises using our subscription service benefit from broader coverage and increased accuracy. Security analysts and large companies that need to detect threats and keep them out of their networks benefit from the combined wisdom of detection tools from around the world — rather than the limited protection provided by a single security vendor.”

Interested in trying PolySwarm? It's free and easy to get started. Check it out, here.

***

Connect with PolySwarm here:

Website: https://polyswarm.io

Github: https://github.com/polyswarm

Twitter: http://twitter.com/PolySwarm

Instagram: https://www.instagram.com/polyswarm/

Telegram: https://t.me/PolySwarm

Reddit: http://reddit.com/r/polyswarm

Facebook: https://www.facebook.com/PolySwarm