Blockchain is the new frontier for secure transactions. However, that doesn’t necessarily mean blockchain solutions are managed securely.
Because blockchain technology is continuously evolving, there is no uniform guidance for building secure blockchain solutions. The lack of information and experience is leading designers to build the technology based on what they think is best. While some may incorporate effective security controls and processes, others may not, elevating risk of the technology being compromised as well as anything built on top of it.
X-Force® Red Blockchain Testing helps organizations build and use blockchain technology and the connected infrastructure securely. The service includes manually reviewing chain code and security controls and processes such as access controls; identifying a probable adversarial path to compromise and move laterally within a blockchain ledger network; and more.
X-Force Red hackers, who are blockchain and security experts, can test an organization’s entire blockchain environment or only the blockchain’s technical elements. Testing the entire environment includes reviewing web and mobile applications that interact with the blockchain technology, APIs, ingress and egress points in the blockchain, public key infrastructure (PKI), user certificates, configuration and networks.