The world is becoming more interconnected and digital. Cybersecurity is still an underrated aspect. Many nations are not aware of the major threats of this interconnected world or are just neglecting them. Even our coffee machine is connected to the internet. It is not uncommon to hear stories about companies being hacked through their coffee machine. One of the possible reasons for this cybersecurity gap is the lack of skilled cybersecurity professionals.
PolySwarm wants to create a decentralized threat intelligence market based on Ethereum smart contracts and blockchain technology. Today’s enterprises rely on an ad-hoc mixture of anti-virus subscriptions, threat intelligence feeds, and assorted dynamic analysis engines to defend against evolving adversarial cyber activity.
But even with all these subscriptions, it’s hard to defend yourself as a company because the human aspect is the weak link. Nowadays, people bring their own devices to work (smartphone, tablet, laptop, etc.). It’s possible that an employee uses these devices for private use and accidentally downloads a virus. When that employee connects to the company network, the virus gets the chance to infiltrate the company’s network.
Let’s take the example of ransomware. When your computer gets infected with this specific type of malware, it encrypts your data making it unusable. The attacker demands a ransom from the victim, promising to restore access to the data. CryptoLocker was the first version of this kind of ransomware back in 2013. Since then, a lot of derived and way more advanced ransomware types, like WannaCry, were developed as it became the number one threat. This shows you how easy it is to create new malware and how hard it is for cybersecurity professionals to keep up-to-date with all new threats as they are developing at a crazy speed.
The idea of creating a decentralized threat intelligence market originated when PolySwarm CEO Steve Bassi noticed that talented cybersecurity experts are often tempted by the economic rewards of Black Hat (illegal) activity, rather than White Hat (legal) activity. The threat is also exacerbated by a protection environment that is notoriously “backward” rather than “emerging threat” focused. The result? A global marketplace where bad behavior is frequently more lucrative than good. To make White Hat activity more attractive, PolySwarm incentivizes good (White Hat) behavior.
In addition, PolySwarm grew out of frustration. The team had developed all these cool tools that had narrow but deep applications for cyber threat detection and mitigation, but didn’t have a way to get them looking at the real stuff enterprises were facing. That’s why they made PolySwarm, as they were one of the few security tool shops and it’s hard to get access to all of these tools through one interface. That’s also where PolySwarm comes in: it serves as one big umbrella built from a collection of the best security expertise.
Token Sale and Usage
PolySwarm’s Nectar (“NCT”) tokens form the basis of a new market that introduces novel instruments for satisfying demand for timely and accurate assertions regarding the malintent of files, network traffic, and URLs, collectively referred to as Artifacts.
Nectar’s main selling point is being able to obtain threat detection services from security professionals. The Nectar token forms the link between experts and enterprises.
The Nectar token can also be used by “Ambassadors” on the platform. An ambassador is able to post bounties for determining the maliciousness of a file, URL or other artifact.
Finally, Nectar can be used by security professionals to stake their predictions against artifacts. If they are pretty sure of their findings, they can stake a lot of Nectar.
PolySwarm has a very strong team, starting with their founder Steve Bassi, who serves clients ranging from DARPA to Fortune 500. His co-founder Paul Makowski is an expert on vulnerability research and cryptography with extensive blockchain experience. We want to add Ben Schmidt to this list. He is the director of product security and has uncovered hundreds of vulnerabilities in widely-used products.
Challenges for PolySwarm
Security experts develop micro-engines capable of autonomously investigating and analyzing the latest threats, while attempting to outperform their competition. These engines will be used as the “proof of work” for PolySwarm as they are measuring the engine’s historic detection accuracy. It will be a Scaling this and making sure the market is slick and safe for participants is the biggest challenge.
Another challenge will be to connect all the security experts and make them aware of the benefits blockchain has to offer. As security experts are highly technical people, it should be a small hurdle.
PolySwarm defined 5 versions of the platform in their roadmap.
This version includes the deployment of basic bounty smart contracts on the test network.
The beta version will include the offering of smart contracts which will be used by security experts to offer their services. They want to implement Raiden-style channels to achieve a higher throughput and more efficient settlement for each transaction. They call these ‘Offer Channels’ which use a single channel to broadcast multiple ‘Offers’.
The gamma version includes a distributed, searchable registry of Workers and their capabilities. In addition, they want to provide matchmaking features between ambassadors, experts, and Arbiters (reputable threat intelligence vendors who will help to enhance the platform).
The stable version will focus on eliminating bugs and migrating from the testnet to the main network.
Offer a wider range of Offers and Bounties to handle more artifact types.
- Incentivize security experts for White Hat work.
- Combine a lot of micro-engines to create some kind of swarm intelligence.
- Prevent security experts from doing Black Hat work.
- One platform for offering security services and getting in touch with enterprises.
- It will be a tough challenge to create one reliable platform which integrates all micro-engines.
- Performance of the platform, although the Raiden-style solution will help increase performance through channels.
There is a growing need for security experts as our world gets more connected. By incentivizing these experts properly, many will avoid black hat activities. The team’s primary reason for creating PolySwarm and Nectar is to decentralize the process, allowing for greater security for everyone. The PolySwarm platform also helps security experts to get connected with large firms that are in need of professionals. The key will be for PolySwarm to develop a properly functioning platform which integrates all micro-engines developed by the security experts to get proper assessments for each security threat.