Blockchain technology offers a wide range of applications that can be used to decentralize a broad spectrum of systems and render many of the platforms we use today open source. A new blockchain based platform is aiming to decentralize cybersecurity, using white-hat hackers to protect small to medium sized businesses.
Buglab offers these businesses and organizations a solution that identifies and eliminates vulnerabilities in a wide range of systems, from mobile applications, websites, and business applications, to smart contracts and Internet of Things devices.
In order to decentralize this process, Buglab turns penetration testing into challenges, which are referred to on the Buglab platform as “contests” that are intended to attract independent security consultants that possess certified qualifications.
Based in France, Buglab is built on the blockchain, and works in a relatively straightforward manner. Instead of waiting for hackers to attack them and compromise their security, users of the Buglab platform will be able to invite white hat hackers to hack them first and notify them of their security flaws.
How Buglab Works
Buglab contests work simply by inviting a community of professional cybersecurity experts to find vulnerabilities in their mobile apps, websites, smart contracts, and IoT devices. Penetration testers operating on the Buglab platform are subject to a lengthy validation and vetting process, after which they are free to attempt to crack the devices and platforms Buglab users make available for testing.
The Buglab white paper, released in January 2017, presents a succinct explanation of Buglab methodology:
“The buglab methodology links organizations that have information security needs, which is just about all of them, with a community of certified cybersecurity penetration testers in an incentivized environment, where testers are rewarded when they uncover system vulnerabilities, ranked by severity and potential impacts. It’s done as a race against time.”
Users of Buglab are able to select from a number of different options when presenting their platforms and devices for pentesting. It’s possible to either engage the services of the Buglab community as a whole, or select a validated team from a reputable pentesting company.
Buglab offers a range of features that make it possible for users to customize their pentesting approach. Public contests are created by companies that outline their pentesting stipulations and invite the entire Buglab community, whereas Private contests make it possible to select a smaller group of testers.
The platform also offers selection filters that allow users to filter applicants by country, skill score, area, and overall user score. A fix companion function also allows the Buglab team to verify that fixes created by pentesting have been implemented by further testing of the vulnerability.
Buglab also offers a vigilante protocol that enables white hat hackers to notify organizations that are not using the Buglab platform of vulnerabilities that they may not be aware of. This program is intended to allow white hat hackers to share information in an ethical and sustainable manner.
Billing on the Buglab platform is upfront, transparent, and provides fixed-price services for small to medium size businesses and, in the case that no vulnerabilities are found, Buglab provides a full refund. Overall the Buglab platform is set to become the future of pentesting. If you’re interested in keeping up with the latest Buglab developments, it’s possible to connect with the Buglab team on Telegram.