#DigitalDefence Hack Winner Showcase
This is the first in a five-part series which will showcase the projects built by the Top 5 winners of the #DigitalDefence Hackathon - the biggest international cybersecurity challenge of 2020!
Team Tardis
Arya Anghan, David Sarkies, Mohammed Ilyas Ahmed, Ritu Kumari, Szabolcs (Szasza) Palmer
Team Tardis created a real-time malware detection scanner for all file uploads! They ranked #5 globally across all challenges
Challenge by our premium sponsor IBM:
DevOps is increasingly incorporating a Security focus, shifting towards DevSecOps. How might a DevOps loop and \“Continuous Integration / Continuous Deployment\” CI/CD approaches be improved to better identify security misconfigurations, improving the ability to catch security issues throughout the development, deployment and ongoing operations lifecycle?
Problem Statement:
According to OWASP, a malware injection
is the #1 risk compromising web applications. Injections can infiltrate a system easily through file attachments.
Motivation:
Organizations should be able to upload and download files from internal and external sources without worrying about this type of malware.
Solution:
A file upload security solution
This project works like a water filter – rids the water of pollutants and gives out clean water, all without any work on your part. This solution weeds out the bad files and allows access to only the safe files, all without any additional effort or hindrance in your workflow.
Feature Highlights:
Lightweight and scalable solution
Feeds information back to XFE to aid the global effort
Easy integration into clients systems
Proactive security before the damage occurs as opposed to reactive security that takes place after the attack
Aid customers to create a secure pipeline for their own systems
What does it do:
This is a software solution that can be integrated with existing applications. It monitors file uploads in real-time and detects and prevents malicious actors from gaining footholds in the client’s systems. It does so by verifying the source’s IP address and file hash. It then cross-checks it against IBM’s X Force exchange database. If the IP is found to be malicious, the file is deleted.
Company costs:
Cloud hosting and server infrastructure
Marketing and outreach
Administration and overheads
Revenue Stream:
Primary monitoring solution of files
Consultancy, penetration testing and security analysis for clients
Dedicated human monitoring as a premium service
What do you think about this project? Four more projects will be up in the new few weeks.
Let us know on Linkedin.
Comments