After a first presentation of our KYC product in April 2017 at the IBM Client Center in Montpellier, IBM invite us to present our brand new product: Blockaudit, the ultimate security solution!

IBM Blockchain Explored: Blockaudit

The IBM Blockchain Explored event occur the 24 to the 26 October 2017 and is intended for clients and IBM partners to learn more about Blockchain. The day was an introduction with some great people talks:

Ian Mitchell, Blockchain Architect at IBM: demystify the Blockchain principle and give real use cases
Rashik Parmar, Lead IBM Cloud Advisor: give the right advices to get started with the new Blockchain technology
Oleg Abdrashitov, Head of Blockchain at Altoros and Lead of the Requirements Working Group at Hyperledger: present the Russian Stock Market use case
Jean-Yves Girad, Hyperledger Fabric expert at IBM: demonstration of a Virtual Insurance Assistant
Olivier Bernin, Technical Development Manager at IBM: demonstration of a Cross Border Payment

And finally, Alain Arditi, co-founder of Smile and Strategy Leader at chainHero: present and show a little demonstration of Blockaudit.

What is Blockaudit?

Blockaudit is a tool to prevent specific threats: insider threats, like system administrators that have every power! It is not intended for hackers, bots, ransomwares… but for people like you and me, your colleagues, every one that have administrator rights on critical data of your business.

Why?

Insider threats cost more than isolated attacks and it is really hard detect them. A survey from CERT organisation on the 2015 U.S. cybercrime show that most of the time this kind of threat are unknown and represent a real impact.

How?

Two principles compose Blockaudit:

The kernel audit introduced in Linux which allows a direct audit at the lowest level of the system
Blockchain which stores and distributes logs with immutability

The Kernel Audit has a lot of advantages and complies with the top security requirements, like the Payment Card Industry Data Security Standard (PCI DSS).

In addition to this great tool, we design a system that get audit events and stores them in a Blockchain. This allows anybody (administrators, security regulators, backup servers) to get a clear view of who made what in which system. As everyone can get this information, an insider attack can be detected very quickly and will prevent next attacks. Keep in mind, that when the event is stored in the Blockchain, nobody can erase it.