The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

Why a New Engine Creation and Management Architecture?

Jun 16, 2021 8:57:47 AM / by Nick Davis posted in Explained, PolySwarm, Research

0 Comments

We recently completed the “New Engine Claiming and Management” milestone on our development roadmap. Our goal was to make it easier for Engine owners to build, configure and test an engine, and then join the PolySwarm Marketplace, so we’ve completely redesigned the architecture.

Read More

Security Telemetry: New utility use for Nectar (NCT)

May 17, 2021 3:05:27 PM / by PolySwarm Team posted in Explained, PolySwarm, Blockchain

0 Comments

Today we introduce a new utility use for PolySwarm’s Nectar token for average users: distributing rewards for security-relevant data about TLS certificates, DNS resolutions, and potentially malicious files encountered in daily computer use. Many of these telemetry sources are already collected from user devices by Antivirus (AV) providers. Still, there are a number of serious issues with how they are collected, how users are compensated for their information, and how these results are shared. By re-imagining how this marketplace works, we can increase collection transparency, fairly compensate all participants in the marketplace, and, most importantly, create a more unified source of security telemetry that will better protect users worldwide.

In our original whitepaper, we discussed the fragmentation of the AV market and how, in its current form, this fragmentation leads to worse outcomes for users in the marketplace. However, this fragmentation is not limited simply to the world of scanner providers: it affects many other parts of the security industry as well. As we built the PolySwarm marketplace, we realized that many of the disparate pieces of security information our customers were trying to connect are often ones that exist, but in practice, are inaccessible due to the fragmentation of the market.

To attack this problem, we are extending our original design and adding a decentralized marketplace for security telemetry. Users will install a browser extension and, later, a system daemon that reports their telemetry, using privacy-sensitive data structures. Telemetry reports are received by Aggregators and are associated with a reporting user’s wallet, allowing querying by PolySwarm’s cyber security focused consumers who pay for query hits in NCT. Everyday users get paid to provide this telemetry, and, Aggregators and backers with NCT get rewarded for timely telemetry that highlights high-priority attacks and under-the-radar malware campaigns.

This new marketplace provides immediate benefits to all participants. Users get more control over their data and are actually compensated for the value they provide, as well as receive early warnings about threats they have encountered. Aggregators are no longer dependent on their own install base for data and earn NCT for providing query computation and telemetry validation. Stakers help the network determine the most useful sources of telemetry and help reduce the threat of spam on the network, for which they also earn a portion of NCT. Finally, Consumers will now be able to access a truly worldwide network to find the data they need to identify and fight emerging threats.

At PolySwarm, our mission is to bring the security community and users worldwide together to fight malware. By leveraging Ethereum’s global, decentralized network, our new marketplace will greatly further our efforts to bring these groups together by enabling (and incentivizing!) everyone to help solve this difficult problem.

Read the whitepaper here

Read More

Progress to date and key milestones ahead

Mar 26, 2021 11:56:41 AM / by PolySwarm Team posted in PolySwarm, Product

0 Comments

The last 12 months have been intense yet very productive for PolySwarm, as we have scaled our platform, fast-tracked user acquisition and released new key features.
Let’s do a quick recap of what we’ve accomplished before we get into what lies ahead of us.

Read More

How to buy PolySwarm Nectar using Uniswap

Mar 24, 2021 10:32:06 AM / by Blake Reyes posted in Explained, PolySwarm, Blockchain

0 Comments

Introduction

Read More

PolySwarm now integrated with leading SOAR platform ThreatConnect

Apr 13, 2020 10:30:04 AM / by PolySwarm Team posted in PolySwarm, Product, Partner

0 Comments

Enterprises, OEMs, MSSPs can now access PolySwarm's novel file reputation and threat detection services via leading SOAR platform ThreatConnect, Inc.

ThreatConnect users can access PolySwarm--a crowdsourced threat detection tool, that enables better detection against new and emerging malware--for file reputation and threat intelligence. Cyber analysts using ThreatConnect's Security Operations Platform can download and operate the solution from a single pane of glass.

Read More

PolySwarm engine spotlight: researcher-driven engines detecting new and emergent malware

Mar 30, 2020 10:18:27 AM / by PolySwarm Tech Team posted in PolySwarm, Product, Research, Partner

0 Comments

To put it simply, there are some really cool threat detection technologies on the PolySwarm marketplace. As a recap, here at PolySwarm, we aggregate research-driven threat detection engines---both from AV companies and individual, specialized security experts---that compete in real-time to detect threats. Enterprises and individuals using PolySwarm benefit from deeper coverage of the malware landscape and unique threat intelligence from this aggregated network of engines. 

Read More

PolySwarm Communities: Public vs Private

Mar 2, 2020 1:43:28 PM / by PolySwarm Tech Team posted in PolySwarm, Product

0 Comments

PolySwarm is a threat intelligence marketplace where users upload suspect artifacts (files, URLs, etc.) and receive threat intelligence in return. While legacy multiscanners like VirusTotal, offer a similar service, they often neglect the confidentiality needs of malware analysts, researchers, SOC teams, etc. that want restricted access and/or deeper levels of control on malware-sample sharing. 

Read More

PolySwarm and Anomali integration: malware intelligence and enrichment APIs for ThreatStream

Feb 28, 2020 4:00:00 AM / by PolySwarm Team posted in PolySwarm, Product, Partner

0 Comments

As the volume and complexity of cyber threats increase, contextualizing and prioritizing incidents becomes critical. In addition to the well reported security shortage of talent in this industry, enterprise SOC teams are required to deal with an ever-growing queue of alerts. 

Read More