Kaspersky helps enterprises protect blockchain projects
Blockchain is being widely touted as the technology to secure transactions and run large-scale, data-driven projects with more transparency and efficiency.
But projects which work with sensitive data will eventually become integrated with other business-critical systems and when that happens there’s a need to run security check and approvals. This is why Kaspersky is launching a new service that helps enterprises discover and fix security issues and discrepancies in smart-contract business logic while the blockchain project is on its way from internal innovation to part of actual business processes.
Kaspersky Enterprise Blockchain Security consists of a range of services including Smart Contract/Chain Code Audit and Application Security Assessment. The service ensures correct business logic configurations of smart contract and secure operations of blockchain applications.
Smart Contract/Chain Code Audit reveals non-compliance with documented behavior and possible vulnerabilities as well as errors in business logic. This means companies can be sure that smart contracts work consistently and as stated in the documentation, and that data will not syphon off.
The Application Security Assessment is designed to reveal vulnerabilities within applications that work in the blockchain infrastructure, to ensure they don't impact the integrity of the blockchain. This process uses a combination of white-box testing (based on source code analysis), grey-box testing (emulating insider work via legitimate users) and black-box testing (emulating an experienced external attacker) to ensure no potential risks or vulnerabilities are overlooked.
"Enterprises have been developing blockchain applications for a couple of years and now these innovations are getting ready to be implemented into corporate infrastructure," says Vitaly Mzokov, head of Innovation Hub at Kaspersky. "However, teams responsible for innovation and these technologies may face additional barriers in terms of risk management and IT security. Their fears are not groundless: as corporate-grade blockchain applications become more widespread, the attacks on them will likely happen more often. There is a growing demand for cybersecurity assessment from blockchain development teams who want to keep the project on the rails. Our new offering is aimed to address this need."
Assessment results are provided in a report detailing the technical findings of any vulnerabilities identified and associated recommendations for remediation, allowing enterprises to address security issues before they cause damage.
You can find out more on the Kaspersky site.