IBM X-Force Red Blockchain Testing Service
The IBM X-Force Red Blockchain Testing Service will evaluate the entire implementation process including chain code, public key infrastructure and hyperledgers. It will also test the backend processes, applications and physical hardware used to control access to and management of the blockchain networks.
IBM X-Force Red will evaluate how permissions to access and add information to the blockchain are administered, including password policies, susceptibility to brute force attacks, and the implementation of two-factor authentication. The team will also test for the secure creation, management, and distribution of digital certificates and keys associated with the blockchain network.
Common libraries and component dependency hacking can be tested by X-Force Red during design and implementation to ensure secure dependency signatures and a trust build pipeline. And while smart contracts allow for trustless execution of agreements by parties on the blockchain, IBM said proper penetration testing can still find exploitable flaws in those agreements.
