By democratizing security vulnerability reporting and utilizing tokenized incentives, Secure Planet aims to better secure Open Source software, with an emphasis on projects critical to the next generation of IoT devices.
SINGAPORE, Oct. 09, 2018 (GLOBE NEWSWIRE) -- Secure Planet, the creator of the first crowdsourced, security vulnerability knowledge platform, announced today its token generation event (TGE). By democratizing security vulnerability reporting and leveraging tokenized incentives, Secure Planet will better secure Open Source software (OSS), with an emphasis on those projects critical to the next generation of the Internet-of-Things (IoT) devices. Secure Planet is an independent Foundation, created and spun out of Insignary, a global leader in binary-level software composition analysis.
“Security-conscious organizations try to mitigate open source security risks by leveraging centralized vulnerability databases, such as the popular National Vulnerability Database. However, these platforms are operated by a closed, centralized group of managing authorities,” said Tae-Jin (TJ) Kang, CEO of Secure Planet. “As a result, they are susceptible to information bottlenecks and bias in vulnerability reporting. Additionally, the existing system does not deploy financial incentives to motivate the OSS security community to participate in the bug reporting process. Through Secure Planet’s platform, a blockchain-based solution equipped with a tokenized incentive system, we aim to overcome these issues that pervade today’s OSS security landscape.”
Industry analyst firms are projecting there to be 20.4 billion IoT devices in operation by 2023, yet highly publicized intrusion events like automobile and Wi-Fi camera hacks attest to the fragile security of our increasingly connected world. According to a Wall Street Journal report, 99.9% of hacking incidents are executed through the exploitation of known software bugs and security issues. To mitigate these known flaws, enterprises leverage centralized and thus problematic security information databases.
Secure Planet is building an alternative, independent and self-sustaining platform that addresses and overcomes the issues inherent in currently available, centralized options. In order to continually feed this new data platform with up-to-date information, Secure Planet will initiate OSS bug bounty programs that utilize tokenized incentives to crowdsource white hat hackers and the open source community. Additionally, Secure Planet’s OSS security database will harness the power of blockchain technology and assign hash values to serve as seals on the stored information, thereby making potential tampering of the data obvious and transparent.
Secure Planet is not the first to introduce bug bounty programs to the vulnerability management market. In addition to using their internal security teams, various enterprises have increasingly enlisted outsiders to detect security flaws in their proprietary software. Unfortunately, most OSS projects, which comprise approximately 77% of software in development, do not enjoy such corporate support. As a result, they are not covered under the traditional bug bounty programs that focus on commercial software. Secure Planet will address this gap by funding bug bounty programs for OSS by selling access to the security database that will be created as a result of the programs themselves.
By collaborating with Insignary, Secure Planet can address the particularly urgent challenges in the IoT industry, where security is less aggressively managed. By using its fingerprint-based, binary code scanner Insignary Clarity™ to analyze both public and private software, Insignary has been growing a database of the OSS projects that are most commonly deployed in IT infrastructure, including IoT devices. Secure Planet will use these statistics of OSS usage to prioritize bug bounty programs
About the Secure Planet TGE
Secure Planet’s TGE began in September 2018 and is currently in the phase for private investors, and will be available for the public at a later date. Secure Planet is raising $20 million USD for 40% of token sales (out of a total of 2.25 billion tokens). A portion of the raised funds will be for research and further platform development, while the majority will be made available to incentivize the finding, reporting and cataloguing of OSS security vulnerabilities.
About Secure Planet
An independent Foundation based in Singapore, Secure Planet is the creator of the first, crowdsourced security knowledge platform. By democratizing security vulnerability reporting via tokenized incentives, Secure Planet aims to secure Open Source Software, with an emphasis on OSS projects critical in the development of IoT devices. For more information please visit www.secureplanet.io.
Secure Planet and the Secure Planet logo are trademarks or servicemarks of SecurePlanet. Insignary, Insignary Clarity and the Insignary logo are trademarks and servicemarks of Inisgnary, Inc. All other brands, trademarks or servicemarks are the property of their respective owners.
Media Only Contact:
Ed Schauweker
AVID PR for Insignary, Inc.
ed@avidpr.com
703-963-5238