Security Innovation Releases Free Blockchain CTF Platform For Smart Contract Security
New Blockchain CTF (Capture the Flag) challenge provides Blockchain application developers, architects, testers, and engineers with an interactive platform to test security knowledge
Wilmington, MA – April 25, 2018 – Security Innovation, a pioneer in software security assessment and training, today announced Blockchain CTF – a first-of-its kind platform for Smart Contracts. It is being released as a free resource open to all members of the security industry, including developers, IT security professionals and Blockchain experts. The interactive “learn by doing” platform leverages the company’s expertise in delivering realistic simulation training like its CMD+CTRL Cyber Range that accelerates security skills development.
With the growth of Blockchain technology comes a new model for thinking of security. As with the adoption of any new technology, it brings new organizational risk and it is important for all stakeholders to have a clear understanding of internal capabilities to be able to handle it securely. Blockchain CTF and CMD+CTRL can help risk and business teams to assess their readiness.
“New applications of Blockchain technology are being researched and discovered each day, especially in finance, commerce and Internet services. For companies that are investigating use cases of this exciting new technology, it is more important than ever that security be their top priority,” said Joe Basirico, Senior Vice President of Services at Security Innovation. “Since the consequences of an insecure Blockchain application will often result in immediate financial loss, it is critical that developers of Blockchain applications are fully prepared to identify and prevent common vulnerabilities in these platforms.”
The engineers at Security Innovation are fluent in Blockchain technology, including Smart Contracts, Decentralized Apps (DApps), Directed Acyclic Graphs (DAGs), On-chain and Off-chain scaling solutions, or novel privacy techniques. Blockchain CTF was developed as part of the company’s ongoing commitment to help organizations solve their cybersecurity issues, and contribute cutting edge research to the security industry.
The Blockchain CTF “Challenge”
The Blockchain CTF platform contains a series of vulnerable smart contracts and DApps with real-life use cases, ranging from decentralized trust funds and open source lottery systems, to Initial Coin Offerings (ICOs) and automated royalty agreements. Each of these applications contain a vulnerability commonly found in smart contracts. Participants can practice exploiting these bugs to steal fake crypto-currencies and win points on the leaderboard.
Security Innovation also amplifies the Blockchain CTF learning experience by providing helpful hints and resources that assist users in gaining a deeper understanding of the tools and methodologies used when developing, testing, and using DApps and smart contracts.
In the spirit of decentralization, Security Innovation developed the platform as a client-side DApp with smart contracts running on the Ethereum Testnet Blockchain. There are no back-end server components aside from a few statically hosted scripts. All state is managed by the permission-less, decentralized network running the Ropsten Testnet Blockchain.
Try the Security Innovation Blockchain CTF here.
Click here to learn why Security Innovation is the worldwide leader in software security training and assessment services.
About Security Innovation
Since 2002, organizations have relied on Security Innovation for our unique software security expertise to help secure and protect sensitive data in the most challenging environments - automobiles, desktops, web applications, mobile devices and in the cloud. A best in class security training, assessment and consulting provider, Security Innovation has been named to the Gartner Magic Quadrant for Security Awareness Training for four consecutive years. Security Innovation is privately held and headquartered in Wilmington, MA USA. For more information, visit www.securityinnovation.com or connect with us on LinkedIn or Twitter.