IBM’s X-Force Red Launches Blockchain Vulnerability Testing Service

By Warren Hayes | March 7, 2019
IBM’s X-Force Red Launches Blockchain Vulnerability Testing Service

IBM X-Force Red, what Forbes describes as IBM’s “considerable cybersecurity SWAT team”, has unveiled a new security testing service that helps to identify the strengths and vulnerabilities in a blockchain system.

The new service will evaluate both the backend processes used to manage blockchain networks as well as the actual ledger environment, leveraging the extensive security and developer competencies of X-Force Red penetration testers.

The project is aimed to serve as the best security solution for companies investing in the blockchain industry. However, IBM X-Force Red is seeing that 70% of solutions that incorporate blockchain rely only on traditional technologies for backend processes, making them less secure and leaving space for hidden risks. Aiming to solve this issue, the team offers an evaluation of the whole implementation including chain code, public key infrastructure, and hyper ledgers in its new service.

Charles Henderson, X-Force Red’s global head, argues that while “while blockchain is a breakthrough for protecting the integrity of data, that does not mean the technology and connected infrastructure are always protected from attackers, which is why security testing is essential during development and after deployment”.

Expecting $10 billion in commercial blockchain investments by 2021, Forbes noted that IBM X-Force Red’s new service offering is certainly timely, but also critical for the viable development of the blockchain industry.

Within IBM Security, X-Force Red is an offensive defense service. It is an autonomous team of veteran hackers hired to break into organizations and uncover risky vulnerabilities that criminal attackers may use for personal gain.

Previously, X-Force Red introduced The Red Portal – a cloud-based communication and collaboration platform for clients and security professionals that presents an end-to-end view of security testing programs.

Tags: , , , , ,