Promote this Nomination

Additional Info

Job title of nominated professionalCloudbric Product Planning Team
Company (where nominated professional or team is working)Penta Security Systems
Websitehttps://labs.cloudbric.com/
Company size (employees)100 to 499
Headquarters RegionAsia

In 3 bullets, summarize why this professional or team deserves recognition:

• During the initial development phase, the Cloudbric Labs team worked closely with Penta Security’s IoT Convergence Lab and the WAPPLES development team to integrate WAPPLES detection data into an online lookup service. Their collaboration brought together the talents of Penta Security’s best engineers whose project has created a framework for the development of open source web security resources.
• The Cloudbric Labs team will utilize the data gathered from BlackIPedia to be fed back into WAPPLES to improve the its logic-based detection engine and reduce false positives.
• Current IP reputation lookup services are rarely comprehensive checking only for network level IPs. BlackIPedia on the other hand is based on layer 7 (application level) IPs, meaning the list can be adapted for various uses.

Overview

BlackIPedia is an ambitious project by the Cloudbric Labs team to allow anyone to leverage privileged threat intelligence to secure their web server. By providing free API access to BlackIPedia, its cloud-based database can be queried in real-time, which means that any developer can create sophisticated exploit filters and security tools by integrating real malicious traffic data.

BlackIPedia is able to provide proprietary threat intelligence gathered directly from WAPPLES, Penta Security System’s high-precision WAF (Web Application Firewall). The WAPPLES logic-based detection engine utilizes patented technology to detect unknown and modified attacks that the signature-based engines of its competitors may fail to capture. By making access to this threat data public, BlackIPedia is an attempt by Cloudbric to encourage more innovation and development of web security resources.

BlackIPedia allows users to check if malicious activity has been associated with traffic IP, and also browse an IP’s web attack history. Users will be able to view the fluctuations in threat level and the range of attack types attempted by a malicious IP. Existing IP and web reputation services can only inform website owners of their sites being classified as malicious or generally just having a “bad” reputation, but provide no tangible means to preventing this situation. By focusing on “Black IPs,” which are IPs receiving a significantly high risk score as evaluated by Penta Security Systems’ security analysts, BlackIPedia fills this information gap.