Advances in chip technology and associated firmware are hardly the only areas to watch with regards to vulnerabilities. Not even getting into the topic of enterprise needs, consider the explosion in mobile applications. It seems that just about everything we do in modern life involves an app, from banking to ordering food, to shopping, travel, and likely soon, dealing with insurance, dental, and medical. The list goes on. Many of the apps are designed by small and medium-sized businesses, aiming to simplify and speed up our web transactions. In part, this reason is why Android apps are currently growing by at least an estimated 40,000 per month globally. The number of total Android and iOS apps total well into the millions. Downloads are numbering into the billions, though not every app ends up getting used. While not all of these apps address business-critical functions, one can only imagine the pressure to rush apps out to market to meet consumer demand for convenience and beat the competition while doing so.

In the rush to get all this software to market, a long list of potential vulnerabilities are frequently exposed, from insufficient encryption for user data to outdated authentication security. A system may have authentication bypass vulnerabilities, a true concern when one considers all the APIs that apps rely on. In recent years, there’s been a number of high-profile cases involving data breaches affecting billions of users, that’s right, billions combined. From Equifax customers, to Yahoo accounts, and even users in the health space, it’s only a matter of time before we start learning of parallel cases, large and small, in the wild west of the mobile app world.

Thousands of apps are being created every month to meet consumer demands.

Traditional options for fighting cybercrimes are not feasible for small businesses and organizations. Buglab addresses these and other vulnerabilities in a cost-effective manner by linking organizations that have information security needs with a community of certified cybersecurity penetration testers. This occurs in an incentivized environment, leveraged by blockchain technology.

Testers are rewarded when they uncover system vulnerabilities. These are ranked by severity and potential impacts. After detecting vulnerabilities, security researchers will recommend a fix for these problems. In addition, Buglab caps the user cost by charging a fixed price and providing a money-back guarantee in the event that no vulnerabilities are detected.

To use the platform, company’s sign up, provide information about themselves and their products and services, and then subscribe to a contest contract. A company is able to customize the level of confidentiality in the contest, the degree of management required, and the compensation package.

About

The buglab solution detects and remedies vulnerabilities on various business applications, websites, mobile applications, IoT devices , and smart contracts by transforming penetration test services into challenges, referred to as contests, for a community of independent information security consultants with certified qualifications.

The buglab project is moving towards implementing blockchain capabilities, so be sure to sign up for our newsletter for project updates. In the meantime, follow the buglab team on Telegram, Reddit, Facebook, Twitter, Instagram, and LinkedIn.