Today I will invite you to join the "Buglab.io" project where this cyber security site is very promising for those of you who are interested in investing their funds in the ICO sales they do. If you are interested in joining this project, it's a good idea to read reviews that can help you get information and help you in seeing their vision and mission during the project.
About Buglab
Originally from Morocco, Cherqaoui launched Buglab in 2016. He and his team moved to the French cybersecurity hub of Bretagne after winning a government-sponsored place in the "prestigious French Tech Ticket" accelerator technology startup, season two.
Buglab will offer a unique, competitive, incentive, and easy-to-use platform to address this expanding business need. Buglab will help companies, whether in IT, financial services, or in retail, to identify and reduce cybersecurity gaps that they may not know (but should) know. The solution makes cybersecurity services accessible even to very small companies that usually lack resources and budgets to address cybersecurity vulnerabilities using traditional methods. The Buglab platform detects and overcomes vulnerabilities in various business applications, websites, mobile applications, Internet of Things (IoT) devices, and smart contracts by transforming penetration testing services into challenges, called contests, for an independent community of information security consultants with qualifications certified.
According to the Founder and CEO, Reda Cherqaoui, Buglab is "Affordable penetration testing for small and medium businesses". "We are proud to say cybersecurity. What we are doing is that we connect a community of certified and specially selected cybersecurity researchers with customers who have cybersecurity needs, "he added during an exclusive interview with Decentral Magazine.
What are the core features behind Buglab?
- Public Contest: After the company provides the necessary information and launches the contest, the community accepts an invitation to participate.
- Personal Contest: Clients can choose pentesters from the community or teams from cybersecurity companies that are validated to solve their problems.
- Selection Features: Clients can choose pentesters using different filters such as country, expertise, score, etc.
- Triage System: Vulnerabilities reported through the ordering system on the platform to identify duplicates before reaching clients. This reduces redundancy and only provides relevant information to clients.
- Reports: Clients receive reports about security contests with summarized performance. This will help clients compare security status and asset progress.
- Managed Clients: Clients can choose their own contest management from Basic, Pro, or Enterprise.
- Mediation: In the case of a client who manages the contest itself, they can request mediation from Buglab. This happens if the pentester feels a score or an unfair evaluation so that Buglab will mediate the situation.
- Leader-board: This shows the pentester rank based on their score and experience. This makes it easy for clients to choose a star pentagram.
- Chat: Each report provides an opportunity for clients to chat with the pentester to get help fixing vulnerabilities.
- Fix Companion: Companies that choose Enterprise level have the opportunity to let Buglab verify whether improvements have been applied.
Anyone who says cybersecurity penetration is not pleasant, must have never heard of the Buglab penetration testing contest:
"Usually we change the penetration test into a contest. We created a competition where cybersecurity researchers challenged each other to become the first three with the highest scores in reported vulnerabilities. The top 3 researchers received 70% of the contest prizes. The first will get 40%, the second will get 20%, third get 10%. This platform also allows clients to reward researchers who did not win contests that may have found a critical vulnerability not found by the top three. "Reda Cherqaoui at the Blockchain Economic Forum in an exclusive interview with Decentral Magazine".
The Buglab penetration contest allows all companies to use a platform to work with a community of certified cybersecurity penetration testers who get incentives for it. This is done in the form of a race so that the client will definitely receive fast and credible results. Examiners can be independent or groups of less than five of the companies are validated.
No matter how big or small, all companies are welcome to use the Buglab platform. The following steps show how easy it is to get your company dogged by cybersecurity professionals:
- Register on the platform and provide information about the company; the goods and services that they provide then subscribe to the competition contract by choosing personal rules that the company wants to set. It is possible to adjust the confidentiality of the competition, the type of management desired, the cost of the contest depending on the plan chosen and the chosen bonus.
- Based on the confidentiality that is set, the client chooses from a list of pentesters in the community and the Buglab recommendation engine helps determine the right match.
- Selected Pentesters test company systems and submit reports. The scoring system encourages settlers to be the first to send vulnerabilities because the maximum number found gets the highest score.
The Pentester Buglab contest is just one of the offers from the company. There are other offers, specifically for "Whitehats" under the Vigilante Protocol.
The Vigilante Protocol is an integrated hacking prevention program. Below, Whitehat researchers report vulnerabilities about companies that are not on the Buglab platform. The company was then invited to award the whitehat for the vulnerabilities found. Basically, companies can find out their shortcomings at a minimum cost. The way it works as described by Reda Cherqaoui is that:
"This allows hackers whitehat to globally report vulnerabilities to Buglab. This vulnerability is a company that is not on our platform and in partnership with Cert and CSirt they contact these companies to help them improve their vulnerabilities."
Buglab also recently announced that it plans to secure a cryptocurrency exchange by holding a contest with a prize pool of $ 2 million.
Why partner with Cert and CSirt in the first place?
"When a white hat reports a vulnerability to us; if we check whether this vulnerability exists or not, we need to test it by exploiting it and if we do it it is illegal. So if they do that, it's legal and that is why they partner. So when the cert and CSirt confirm that a vulnerability exists, the Whitehat hacker receives several tokens from the vigilante protocol backup where the company places the funds. "
Help companies can choose to reward hackers or organize contests on the Buglab platform. Because whitehat is the one that takes the company on board, they receive 2% of the service fee. Whitehat will be allowed to participate even without pentester status.
Why focus on whitehat?
Usually, people are not allowed to do this because they do not have authorization from the company to carry out the test and find vulnerabilities. When they do, they protect their identity in many ways such as making journalists an intermediary between them and vulnerable companies because they cannot contact the company directly. At present there are cases of people who have critical vulnerability data on very large companies but they cannot communicate or contact the company to help them because they are afraid. Whitehats don't usually get money from reporting this vulnerability so they decide to just keep it and do nothing. However, if blackhat finds vulnerabilities, they will only steal data and sell it on the black market, damage the website or do something bad for the company.
There are thousands of Russian companies doing this security penetration test. What makes Buglab different?
At present, the available penetration testing services are not feasible for small and medium enterprises. Penetration tests conducted by cyber security consulting firms require clients to pay in terms of the number of hours that can be billed. In addition, only one or two pentesters do the job. This means that, whatever the results, the company will pay almost $ 100 per hour using only a limited Pentester. The end result is often in the form of a report in PDF format and does not facilitate the improvement of vulnerability or get further details about the vulnerability of the pentester. Second, the gift bug challenge requires the client to pay according to each vulnerability found. Vulnerabilities found are sometimes not in the company's budget in terms of resources. From these tests, the client may get irrelevant results because of deficiencies studied without in-depth research. In the end, a client will only receive deficiencies without any value for their company.
Another reason raised by Reda Cherqaoui regarding the gift is that:
"Large companies can do this because they know their level of security. So, they are able to run the gift because they know people will not find 1001 vulnerabilities. Small and medium-sized businesses usually do not do penetration tests; so imagine if you finally received 101 vulnerabilities, each worth around $ 100. That's more expensive. "
What is the revenue model?
At Buglab, 70% of the contest fees go to the top three, while 19% goes to the company itself. 1% is for the Buglab transaction backup that is used to pay for transactions on the blockchain and 10% is to reserve the vigilante protocol so it pays whitehat.
Buglab Tokens (BGL)
Buglab Token (BGL) is being introduced to incentivize penetration testing in the blockchain environment. In the context of the Buglab experience, exchange tokens occur in the following scenario:
- To appreciate the winners of the contest, up to the top three in the ranking, or adjusted by the client.
- To cover contest costs, including transaction fees.
- To activate and tokenize the "tipping" functionality for white hats.
- To finance VPR and BTR.
- To reward CERTs and CSIRTs for sorting out vulnerabilities and helping build new partnerships.
Tokens can be transferred between two parties via the Internet according to the rules specified in the contract holding the token. During TDE, tokens have been sold previously with discounts to users who see the value on the platform and anticipate they will use tokens to access the platform when it is ready and available for public use. BGL tokens are based on the ERC20 standard for blockchain tokens. As illustrated in the following figure, tokens will be required for all transactions carried out in the ecosystem, including ordering contests.
Token Details
- Token: BGL
- PreICO Price: 1 BGL = 0.15 USD
- Price: 1 BGL = 0.15 USD
- Platform: Ethereum
- Receive: ETH
- Soft stamp: 6,000,000 USD
- Hard stamp: 20,000,000 USD
[BGL] Pre-Direct Selling Tokens
Bonus Structure
- First 24 hours = 20 %
- Week1 = 15 %
- Week 2 = 10 %
- Week 3 = 0 %
Token Allocation
Conclusion
As you can see in this discussion, Buglab will greatly benefit small and medium businesses who want more cost-effective internet security facilities. Pentersters and Whitehats will, themselves, be rewarded for helping these companies find and resolve vulnerability problems. Buglab Tokens (BGL) will be the heart of the ecosystem, and they will be used to buy contest plans and reward settlers and whitehat. Buglab has made waves and gained a lot of media exposure. How Buglab will redefine cybersecurity is something that should be expected.
More information contact:
- Website: https://buglab.io/
- Whitepaper: https://buglab.io/assets/docs/Buglab_WhitePaper.pdf
- Twitter: https://twitter.com/joinbuglab
- Telegram: https://t.saya/buglab
- Facebook: https://www.facebook.com/buglab.co
- Reddit: https://www.reddit.com/r/buglabProject/
Author: tasya Nabilla
Eth: 0x14DAEA80662fc2726c6348989bd2eDe94C4a1d79
No comments:
Post a Comment