Bug bounties are becoming more and more popular, PolySwarm is the latest project to hit the blockchain to do just that. According to the PolySwarm website:
“PolySwarm is a decentralized threat intelligence marketplace that rewards security experts for accurately identifying malware.” The marketplace is set to be released by the end of the year, in which security experts will be rewarded with cryptocurrency for discovering new threats of malware.
The firm claims that the ecosystem will be the first of its kind and will provide an opportunity for hackers across the globe to legitimately earn money and provide more extensive threat analysis for enterprises. It is built on the Ethereum platform and runs on Nextar, an ERC20-compatible utility token.
The CEO of PolySwarm, Steve Bassi:
“As malware attacks continue to grow and evolve, we need a new way to protect enterprises from threats. The existing antivirus (AV) model of single vendor threat detection is inefficient, there are too many false detections and it’s designed to focus on known widespread threats. Ultimately this slower model of malware discovery puts users at risk. Added to this, the industry’s also struggling with a shortage of skilled security talent which is why we believe it’s time for a re-think on the economics of this industry.”
Usually, a company will pay an AV company a subscription fee to scan their files for threats. Co-founder of PolySwarm and the CSO at the firm, Ben Schmidt has said:
“Those solutions, by their very nature, are sort of jack of all trades, but master of none. They are trying to cover the general, most common threats, but don’t really specialise in doing one particular thing very, very well.”
Instead, the company will put those files into the PolySwarm marketplace with a reward for the user along with it. As reported by Verdict, security experts on the network will then analyse the file for malware and when an expert in the marketplace believes that they have discovered a threat, they can bet their Nectar tokens on their assertion.
If they have more faith in their analysis, then more tokens will be betted. Those in the marketplace who think the analysis is incorrect bet against them.
What are your thoughts? Do you know someone this would apply to? Let us know what you think in the comments down below!