Security, efficiency & transparency: Uncloak’s use of Blockchain
How is Uncloak using Blockchain technology?
To answer that question, the first thing to say is, Uncloak is building a platform for cybersecurity research and protection. We are connecting cybersecurity experts and businesses who need better data security using a Blockchain-based network.
Now, let’s look at the way Uncloak uses Blockchain on a functional level.
The Blockchain system we’re creating removes intermediaries like brokers.
To achieve economies of scale it’s important that security consultants don’t need to be involved directly when end users install Uncloak.
We’re avoiding the administrative overhead of working with each IT reseller in each country who wishes to sell our application.
We’re also eliminating the cost of running conventional bug bounty moderation.
With these Blockchain-enabled features, we can offer a lower service cost to Uncloak’s users.
We’re working with 100% digital assets, including:
- end-user computer information,
- channel partnership information,
- security reports,
- threat landscape reports,
- & security remediation/fault resolution information.
Uncloak’s Blockchain creates a permanent, authoritative record of digital assets so data can’t be tampered with.
- Uncloak clients will be able to identify changes in the security levels of their infrastructure over time.
- Permanent record keeping in the Blockchain ensures that vulnerabilities detected by threat hunters (ethical hackers, researchers, etc.) are properly recorded in the crowd-sourced working environment. This system prevents double payments of bug bounties and prevents duplication of work.
Uncloak will not be implementing rapid (<millisecond) transactions. High-speed transactions are not required for our platform, even though they are available on the EOS blockchain. Data accuracy is of paramount importance, rather than speed.
We will not be storing large amounts of non-transactional data; only minimal high-level client inventory data which will be kept in an encrypted and obfuscated form.
Cybersecurity vulnerability and threat reporting information will be kept on the Blockchain.
Uncloak doesn’t rely on “trusted party” status. We’ll be working with non-trusted parties across the globe; security professionals (threat hunters) who wish to be paid for finding vulnerabilities. Some threat hunters may wish to remain anonymous for various reasons such as whistleblowing whilst working for a software vendor.
Uncloak’s Blockchain manages contractual relationships between client’s, channel partners, threat hunters, and the Uncloak crypto exchange. The Blockchain also regulates the movement of tokens throughout our ecosystem, using a smart contract mechanism, with no need for banks or third-party escrow arrangements.
Uncloak requires shared write access. Data will be written to the EOS blockchain globally by multiple participants; threat hunters, end users, and channel partners.
When a new vulnerability is recorded by two different parties simultaneously, the Blockchain will eliminate the possibility of double-entry, double payment issues.
Contributors to Uncloak don’t need to know or trust each other. Anonymity is to key to ensuring a successful bug bounty operation. It prevents collusion between threat hunters and validators.
Uncloak admins can take control of the system’s functionality in some instances, such as during channel partner registrations and the rolling out of IT reseller relationships.
In certain cases, large-scale cybersecurity threats will be made available to all vendors and subscribers manually if it’s considered to be in the public interest.
Public interest threat discoveries that potentially affect a large number of computers will be available on the blockchain to be read by third party vendors. This will give credence and credibility to Uncloak as being the first to notify users about new threats, which in turn will create greater exposure for the business.
Lena Bhogaita is Uncloak’s Head of Operations. A specialist in cyber-threat analytics and reporting, Lena is steering Uncloak’s product launch, communications and business operations. Prior to joining Uncloak, Lena was Operations Manager for the workplace strategy team at Sky.
