IBM X-Force Red introduces Blockchain Security Testing Service

IBM X-Force Red introduces Blockchain Security Testing Service

IBM X-Force Red announced Blockchain Security Testing Service offering to address security flaws in Blockchain design and implementations.

The X-Force Red team collaborates with IBM Blockchain team to find the potential security risks in the blockchain technology stack and share their expertise from an architectural, operational, and deployment perspective. This newly launched Blockchain testing service includes independent testing of IBM Blockchain implementations and non-IBM affiliated implementations, the announcement said.

IBM X-Force Red's white-hat hackers perform penetration testing of blockchain networks with the help of the same tools, techniques, practices, and mindsets as criminals or black hat hacker would use.  IBM's X-Force Red team helps their clients identify, fix vulnerabilities and secure their enterprise-grade blockchain implementations from network design to the deployment of their blockchain solution.

Executive Opinion

Global Head of IBM X-Force Red, Charles Henderson, said, "While blockchain is a breakthrough for protecting the integrity of data, that does not mean the solutions that leverage it are immune from attackers, which is why security testing is essential during development and after deployment. If we look at mobile applications, cloud computing, and even personal computers – all these innovations needed to adopt policies and techniques for security after they grew in popularity. Blockchain presents businesses with an opportunity to break that trend."

The Blockchain Growth & Security concerns

According to the IDC report, blockchain spending expected to reach a five-year (2016-2021) compound annual growth rate (CAGR) of 81.2% and with total spending of $9.7 billion in 2021.

Though blockchain is considered to be transparent, tamperproof and secure, the blockchain based solutions will still rely on traditional technologies used in the processes like authentication, data processing, Application Programming Interfaces (API), networks, applications, hardware, and personnel. These can expose organizations to security vulnerabilities despite implementations of blockchain technology is at the core of business solutions.

The IBM X-Force Red Blockchain Testing service will look at Smart Contract flaws (chain code), public key infrastructures like secure creation, management, and distribution of digital certificates and hyperledgers along with backend processes like authentication, data processing, and Application Programming Interfaces (API).

The announcement also noted that the IBM X-Force Red team use vulnerability assessments, vulnerability management programs, adversary simulation exercises, and manual penetration testing to help organizations identify and fix vulnerabilities before criminals find them.


Note: We at TechSutram take our ethics very seriously. More information about it can be found here.
Mandar Pise Opinions expressed by techsutram contributors are their own. More details

Mandar is a seasoned software professional for more than a decade. He is Cloud, AI, IoT, Blockchain and Fintech enthusiast. He writes to benefit others from his experiences. His overall goal is to help people learn about the Cloud, AI, IoT, Blockchain and Fintech and the effects they will have economically and socially in the future.

No comments:

Post a Comment

    Your valuable comments are welcome. (Moderated)