Build, implement and use blockchain technology securely

Blockchain is the new frontier for secure transactions. However, that doesn’t necessarily mean blockchain solutions are managed securely.

Because blockchain technology is continuously evolving, there is no uniform guidance for building secure blockchain solutions.  The lack of information and experience is leading designers to build the technology based on what they think is best. While some may incorporate effective security controls and processes, others may not, elevating risk of the technology being compromised as well as anything built on top of it.

X-Force® Red Blockchain Testing helps organizations build and use blockchain technology and the connected infrastructure securely.  The service includes manually reviewing chain code and security controls and processes such as access controls; identifying a probable adversarial path to compromise and move laterally within a blockchain ledger network; and more.

X-Force Red hackers, who are blockchain and security experts, can test an organization’s entire blockchain environment or only the blockchain’s technical elements. Testing the entire environment includes reviewing web and mobile applications that interact with the blockchain technology, APIs, ingress and egress points in the blockchain, public key infrastructure (PKI), user certificates, configuration and networks.
 

X-Force Red Blockchain Testing services provide

Chain

Chain code review

Identify and help fix critical vulnerabilities.

Configuration and access

Blockchain configuration and access control review

Assess the certificate authority, PKI, remote nodes and block producers, developer access code repository security, and integration with off-chain code.

Documentation and policy review

Blockchain documentation and policy review

Help developers, architects and risk owners develop security policies, procedures and controls.

X-Force Red Blockchain Testing helps

Lots of texts in screen

Create secure policies and processes

X-Force Red works side-by-side with blockchain developers and architects to build in security during design.

man with notebook near the window

Secure blockchain technology

X-Force Red assesses all components of the blockchain technology including chain code, access controls, configurations and more.

colourful lines connected

Secure the connected infrastructure

X-Force Red tests the entire blockchain environment including connected applications and systems, and shows how attackers could exploit identified vulnerabilities.

Why X-Force Red Blockchain Testing Services

two men analyzing a machine

Expertise

X-Force Red hackers are blockchain and security experts. They have extensive expertise in testing blockchain platforms.

Flexibility

Breadth of resources

X-Force Red works with IBM's blockchain developers and architects so the team understands typical security vulnerabilities within blockchain networks during design and beyond.

Red lights reflecting in someone's hands

Efficient remediation

Using X-Force Red's portal, clients can view findings as they are uncovered so remediation can begin immediately.