Official Cloudbric September 27th Reddit AMA Recap
On September 27th, 2018, TJ Jung, Cloudbric’s CEO, hosted a Reddit Ask-Me-Anything to engage with the global Cloudbric community. The steady but constant flow of questions from the global Cloudbric community lasted for three hours. The original AMA post can be found here.
Here’s a recap of all of the questions that were asked during the AMA.
aCryptoJournalist | 5 points — If Cloudbric was already a successful Security-as-a-service, why put it on the blockchain?
taejoonj — Great question! In our 3+ years of servicing, one thing that we noticed is that all users recognize the need for cybersecurity (or in our case web application security), but most tend to shy away from proactively utilizing any security solutions…until they get hacked. To be perfectly honest, cybersecurity isn’t the most sexy topic out there, but it is certainly a needed solution.
What our team wanted to do was devise a way to incentivize users to begin actively adopting cybersecurity best practices and one way that we could do this is to provide users with security rewards through our tokens. In addition, decentralizing the cyber threat information that we compiled from our users around the world need added verification and authentication to ensure that certain IPs, spam URLs, fraud wallet addresses, etc. are in fact malicious. We can achieve this from the blockchain.
startupjunky | 3 points — Wondering how viable having all that data open sourced to the public would be but this ama looks interesting, will try to tune in!
taejoonj — In terms of viability, what we hope is that this allows all ranges of users, enterprises, governmental institutions, etc. to utilize this comprehensive list of ever changing cyber threat data to properly secure their systems and/or end users. This database would be continually updated utilizing our deep learning technology, as well as from manual contributions from our user community.
You can actually take a look at a beta version of our database called Cloudbric Labs:
engagThe | 6 points
Why would someone use your WAF solution over the solutions baked into CDN?
Most businesses are looking for very stable, reputable companies to handle their security, are you aware that by aligning yourself with unstable cryptomarkets you may lose potential customers?
How does your solution integrate with existing CDN providers, and how does this work with global delivery?
taejoonj | Thanks for the comment. Let me try to answer one by one below:
1)Currently, our web application service is able to integrate with any CDN provider. The optimal traffic flow would be:
Client ←> CDN ←> Cloudbric ←> Webserver
2) Typically, providers that integrate a WAF solution with their CDN do not have the highest performance in terms of false positives or accuracy in detecting malicious traffic. In fact, a lot of solutions utilize open source ModSecurity and build custom rules on top of this solution. For Cloudbric, what we do is we create all of our security detection systems (using logic analysis) here in-house and will soon launch our deep learning system for our upcoming project.
3) Personally, we feel that going with this new platform for Cloudbric we would actually expand our reach and ability to provide security to a more diverse range of customers. We certainly do not want to alienate any of our current customers, which is the reason why we will continue on with fiat based payments to smooth the transition of our users. However, by expanding our collective servicing to now dip into end point security, as well as a secure crypto wallet, we should be able to be a trusted voice in the crypto security space and lead this market.
TheSadMountain | 5 points — Decentralized threat data is valuable for analysts on common needs, but challenging to enact in a timely manner.
For example, National Vulnerability Database, the centralized repository for vulnerability disclosure in the United States, relies on vendors reporting vulnerabilities and their possible impact. This means 1. The database is not comprehensive (but it’s pretty good), 2. There is frequently a delay in vulnerability disclosure to the database, with a median of 7 days from vendor disclosure to disclosure in NVD.
Common open threat feeds can suffer from the same fate when using threat intelligence platforms or security services, like MSSPs, to aggregate. In one example, I was working with a client who saw an indicator in their SIEM popping us as ransomware C2 according to a well known threat feed. When they reached out to their MSSP for more context, they were told that the IOC actually aged out a few days prior. They were not pleased.
Another challenge is the inherent difficulty in accessing and aggregating the data in the first place. David Bianca’s Pyramid of Pain is a great way to understand difficulty vs value. Low level IOCs, like detecting malicious IPs and hashes is relatively trivial (e.g. Broad scanning servers for signatures of RAT controllers; Shodan has a malware scanner for this). Other data, like endpoint telemetry from a broad spectrum of personal and commercial enterprises or criminal actors on dark web forums for discussions of exploit proof-of-concept code is a whole other consideration. These are expensive to access and maintain, require special technology and knowledge, and are far more valuable as they give insight to adversary tools and TTPs.
Hope this provides some insight.
How do you respond to this? (found this from an old post)
taejoonj — Excellent question TheSadMountain!
I agree that the NVD or any database for that matter has a delay. However, the difference between Cloudbric and any other database is that we provide the actual security solutions to provide active protection/filtering. This means as soon as a vulnerability is discovered and uploaded to our decentralized database, anyone using Cloudbric would be actively protected against this type of attack, or at least faster than waiting for the vendor to provide a security fix/patch. In addition, since we have been an active service provider for quite some time, we do have a large dataset of attack information that will enable us to go to market immediately. Other providers would need to call on their communities to help build their attack information.
As for the difficulty of aggregating data, this is where our tokens come into play. Conventional DBs expect vendors or hackers to contribute purely out of good heart. However, we actually incentivize our users to contribute to our database, and therefore spark the beginning of the most comprehensive database.
kennethmci | 5 points — Let’s have some fun — lets say theoretically I have a botnet at my disposal… hundreds of thousands of bots under my control. Can I attack my own servers, generating immense amounts of data, to gain CLB tokens? 😇
taejoonj — Haha, clever question :)
The primary purpose of the Cloudbric Labs database is to capture in real time the most diverse range of attacks that are happening around the world. There would certainly be a cap on the amount you would be rewarded for simply contributing a ton of spam IPs like you would in this botnet case.
But if you can get past our systems and have it recognize as an external attack, rather than a self inflicted attack, then kudos to you :)
izacque | 5 points — I’ve done a little digging and see that you are an ERC20 token. How do you expect to handle terabytes of data going in and out every day when the Ethereum network can’t even handle 50 TPS?
taejoonj — You’re certainly correct here. We would be inspecting and filtering large amounts of data and traffic on a constant basis. Upcoming this information to the blockchain would simply be unfeasible.
Instead, Cloudbric will be deploying an IPFS system to actually store the attack data safely in our Cloudbric data centers/nodes and then storing the hash values onto the blockchain so that users can access and verify the contributed information.
In terms of blockchain platforms, we are still considering other alternative solutions, but for the time being will proceed as an ERC20 token.
mrowmrif2 | 4 points — What’s the benefit of having the data open to the public if the hackers have access to the same data? Wouldn’t they just simply spoof their IP / use proxies to get past the blacklist?
taejoonj — Spoofing IP addresses can always happen; however, attack patterns and methods would still be detected by the Cloudbric deep learning system. A better way to put it is that simply making malicious IP addresses open is the most basic form of security, which would lend itself to workarounds just like you suggested. The more important thing to consider is actually recognizing and blocking the attack that these IPs launch.
MrNoCoin | 2 points — Hello TJ,
How would Cloudbric protect users from the following attacks if the information is open sourced out to the public. Wouldn’t hackers be able to review this information as well and reroute their attack strategy?
- Broken Authentication
- Sensitive Data Exposure
- XML External Entities (XXE)
- Insecure Direct Object References
- Security Misconfiguration
- Cross-Site Scripting (XSS)
- Insecure Deserialization
- Using Components with Known Vulnerabilities
- Insufficient Logging and Monitoring
taejoonj — I think I touched on this a bit earlier in the thread, but the fact that hackers have access to this open source information, it really wouldn’t affect our security detection in anyway. Cloudbric’s attack detection engine isn’t solely based on pattern matching analysis for attacks. Instead, we deploy a proprietary logic based analysis, as well as our upcoming deep learning technology integration. Hackers would of course have open access to our decentralized database, but this would not impede our security in anyway especially for the attacks you listed above and the OWASP top 10.
mrowmrif2 | 3 points — In one of the videos there was talk about staking coins. Does that mean that I will no longer be able to protect my site through Cloudbric for free? I have to buy tokens?
taejoonj — Yes, we are trying to provide our entire suite of solutions to all personal end users by staking and holding a select number of CLB tokens in their respective attacks. However, actively utilizing Cloudbric and also contributing threat information would also provide free CLB distributions via our Security Rewards Program. This, in effect, would make your servicing from Cloudbric free of charge as time goes on.
MrHarribalsonya | 3 points — Can’t wait to see all the great answers #Cloudbric has for us.
Question 1 With the advancements of VISION deep learning engine being the foundation of Cloubric. What does the team see as the largest hurdle in accomplishing the most accurate and low false positive rated user reward system solution on the market?
Question 2 With Penta Security Systems offering so many great security solutions. Will Cloudbric look to integrate D’Amo encryption or play a roll in future Penta Security projects? Such as AMO Labs with Dr. Sang Gyoo Sim?
Thank you in advance for answering my questions.
taejoonj | 2 points
Thanks for the question here!
1) I would say one of the biggest hurdles VISION would face is the fact that at the current moment, it is optimized for recognizing web application attacks. However, moving forward, we would need to call on the user community to help grow its detection capabilities for the end point or mobile devices and in the way future for IoT based appliances/solutions.
2) Yes, of course. We are looking to partner with other reputable third party security vendors to make Cloudbric the most comprehensive and high performance solution on the market. We do work with Penta Security in a strategic business capacity and look forward to working with them to provide security for their current and upcoming solutions.
yoboyshae | 3 points — The blockchain is an effective solution of the centuries-old consensus problem. Using cryptography (hashes and digital signatures) and a system that rewards participants, the winner of a “cryptographic lottery” reaps the rewards while, at the same time, ensures the validity of the entire ledger. At the same time, the blockchain is not a universal solution to any problem having to do with transaction verification and security: its implementation must be adopted only after careful examination of the requirements of the application. The impact of the blockchain in modern society is disruptive and the consequences of its widespread adoption are still unknown.
- The Blockchain as a Decentralized Security Framework / ResearchGate 2018
With cyberattacks and the blockchain world changing at such a rapid pace, how do you plan to keep up with the ever-changing atmosphere? Are you even equipped to adapt?
taejoonj — Very good question here. You’re totally right, keeping pace with a constantly changing market/technology is always a challenge for any company. However, we have been up for the challenge a few times especially when we first transitioned our technology from an appliance based solution to the cloud and from a cloud SaaS to moving onto the blockchain. The most constant that remained through all of this is the cybersecurity portion, which is something we specialize in. As the blockchain community and market as a whole grows, we expect to adapt our security expertise and technology to best protect users from what we think will be the most prominent and dangerous attacks so that we can provide peace of mind to all users.
Gledze | 3 points — I want to learn more about your advisors.
How do they assist you in your day to day operations? (or week-to-week / month-to-month, as I’m sure they’re busy)
Does Mr. Ex CEO Samsung China actually provide input and help, or is he just a poster child to build hype?
Does Dr. Jae Won Lee advise you in security solutions stll? because it seems that his skill level is a lot more suited for higher level projects than a simple WAF
taejoonj — Our advisors actually play an active role in our business strategy and the long term vision of where we want to take Cloudbric. For instance, Mr. Young Ha Kim, attends a lot of our regional events and also helps provide introductions to this network in the China region.
Mr. Jae Woo Lee is one of, if not, the most respected cybersecurity professional in South Korea. He provides more insight into how he thinks Cloudbric should do to better reach users on the sidelines and bring a more comprehensive approach to cybersecurity (rather than just providing a niche solution).
kennethmci | 3 points — How many cyber attacks have you prevented this year so far? Or on average how many do you prevent per month?
taejoonj — Sorry for the slight delay, had to go and check our WAF logs.
In the past year, we successfully blocked approximately 33,976,527 attacks and 1,670,094 attackers (hackers) this year. These numbers are just from our WAF, and do not include any layer 3/4 attacks.
aSadPuppy14 | 3 points — What is your acquisition strategy to gain members on the VISION network other than the rewards system?
taejoonj — As you know, Cloudbric is an active web application security vendor with more than 60 global resellers and 10,000+ enterprise organizations/members all using Cloudbric. We hope to transition our current user base to the upcoming platform and will also look to tap into the mobile device market, which has more than 6 billion active devices on the market. Personally, I think many ICOs, exchanges, and other blockchain based business see the true need for security already and it’s only a matter of time when end users really see what’s at stake with their digital assets/money. This will lend to more users naturally seeking cybersecurity specifically geared toward protecting cryptocurrencies and blockchain businesses. However, a lot of cybersecurity ICO projects out in the space do not actually provide real solutions/products to counteract attacks, but merely provide an open database of attack information. This is where Cloudbric will play a major role since we are industry experts and have a strong track record of success.
dizzywj | 3 points — I have heard of viruses taking over computers by the thousands just for the purpose of mining cryptocurrencies. How do you feel about this? Is cryptocurrency actually making the web a more dangerous place?
taejoonj — I don’t think cryptocurrency is making the web a more dangerous place, it’s just more of the fact that there aren’t any sophisticated and widely available solutions to counteract these attacks. Spammers and hackers will always exist if you make your data available on the internet. We just hope that providing our set of solutions that will be easy to use and affordable will allow all users to have that peace of mind when transacting with cryptocurrencies.
frenzikstyl | 3 points — Great reading through all these questions & answers. I wanted to ask: why did you guys decide to have a reverse ICO instead of just having private investors?
taejoonj — I think what last year taught us is that not all ICOs are created equal and for a matter of fact a lot of these projects turned out to be scams. People certainly recognize the need and potential for blockchain technology, but would rather have experienced and expert teams head up a project that they actually rely on. This made reverse ICOs a big trend since forward thinking companies that recognize the power of blockchain can now leverage their experience to enter this space and make it more professional so to speak.
Here at Cloudbric, we recognized that blockchain technology isn’t going to go away anytime soon and rather than stay on the sidelines, we wanted to spearhead this market and become a true market leader. In addition, this gave us the opportunity to reach a whole new set of users that we wouldn’t have interacted with before as a niche based cybersecurity vendor.
CertainAdhesiveness3 | 2 points — Hey TJ, have been following Cloudbric for a bit through Telegram. Wanted to participate as I feel this project definitely stands out amongst the crowd of shit ICOs. I was wondering since all the hack data is being broadcasted on a public blockchain, wouldn’t that make it easier for hackers to find attack vectors that haven’t been breached yet? Thanks in advance for answering
taejoonj — Thanks for following! Yes, I think we answered something similar in this thread, but although we’d make certain attack patterns and sources available via the blockchain, this would not exclude us from actively blocking new attack attempts moving forward.
As I mentioned earlier, our detection technology is not solely reliant on pattern matching analysis (like a lot of other vendors). We do have our own internal core ruleset to be able to better detect known, unknown, and modified attacks.
The key word here is “better” since no actual cybersecurity solution is 100% foolproof and if any solutions say so, I’d stay far far away. What we can offer is the fact that we can better detect and block various attacks utilizing our core logic analysis in addition to our upcoming deep learning engine.
Jonnieboychoi | 2 points — From what I know, DDOS attacks are quite frequent in the streaming and the video content creating world. Are there any plans to work with streamers or content creators or is it simply a matter of them coming to you guys once the problem already occurs?
taejoonj — DDoS can affect anyone with a website. As you know, certain audiences are more heavily targeted with DDoS attempts, such as content creators, e-commerce sites, gaming servers, political websites, etc. As long as content creators place uptime as a priority then they’re more than welcome to reach out to us and even trial our service.
Jonnieboychoi | 2 points — Thanks~ Follow up question tho. If someone is using a streaming platform such as YouTube, Twitch, Afreeca, and so on.., does CloudBric work through the entire platform? Or do you guys go straight directly to the creators themselves?
taejoonj — No problem! Cloudbric would actually function through the entire platform in this case.
Avathos | 2 points — Yo team! With how effed up and shit this market is, what do you think your reason for success in the first two pre-sales? Selling out both times doesn’t seem like an easy feat these days (granted the cap wasn’t TOO big). No one’s buying, nor investing much at all — what was your secret sauce?
Following that up, how does your team feel about your 5000 ETH crowd sale coming up? Do you think this will also be a sell out?
PEACE & Thanks for hosting this AMA!
taejoonj — Haha the market is currently in a bear market, but what I think people need to understand that the times of 10x, 100x, etc increases for tokens are long gone. Everyone that has interest in strong projects should do their due diligence and properly invest into projects that can make a difference.
I think this is what allowed Cloudbric to enjoy some success for our pre-sales events. The fact that we are currently operating as an award winning solution, expanding our VC network, and also reaching out to our current enterprise base certainly helped with this.
If the pre-sales are any indication, we do have high hopes to end our crowd sales on a high note, although anything is possible.
CupisCrypto | 1 point — I think this AMA is great. Thanks for taking the time to answer some questions from the community.
My questions are general
- What is the benefit of having MORE CLB tokens? how would it benefit investors holding lets say the minimum amount to stake to use the service over 10x the amount?
- Would you implement some sort of IOS or Android app for users to benefit on their cellular device?
- How would Cloudbric benefit majority users? I would imagine most of us stream the internet on and off without venturing in to the darkweb or other harmful websites. Many people have 5 or 6 websites that they visit regularly (facebook, youtube, google, etc) without much input to the deep learning.
- How will you advertise your use case to people who have never heard of crypto. Crypto is still a very niche market. Meaning that the general public will not even know where to start: purchasing, transferring CLB tokens or even after, to use their passive CLB token rewrads. Users have to liquidate on an exchange and it might seem like a big hassle to even start. Following up to this, so why put it on the blockchain?
- Is the team working on another exciting project that the community could look forward to? :)
taejoonj — Wow, love the list of questions, let me try to dig through each of these:
1) You do raise a good point here. Once you hit the minimum deposit amount of CLB tokens, we would open access to our entire suite of security solutions to you. However, the more you use Cloudbric you will continually earn more CLB tokens. Now, this could be beneficial for you as a user in several ways. First, you can continue to stake the tokens as you would like in your account and view it as more of a source of recurring passive earnings. Better yet, what we hope to do moving forward is launch full scale business partnerships with other complementary service providers via our Secure Web Alliance. For instance, we may partner up with hosting providers, specific CDN providers, etc. that would like to offer exclusive services to only our users and you can pay for services via CLB. Likewise, we will hope to establish partnerships with external service providers that utilize our decentralized database, such as third party wallet providers or applications, that accept payment in CLB. The possibilities are endless here.
2) Yes, our end point or mobile device security client will be made available as either a desktop client (for your PC) and mobile application (both iOS and Android compatible) in order for you to activate our security for your device. We are currently testing a prototype now internally and will have this integrated into our platform by mid 2019 (which is our initial service launch).
3) This is certainly true for a lot of people, but I think you might be missing the point where the security itself would benefit you as the user, rather than you actively contributing new information consistently. At the end of the day, we’re all human and anyone can fall victim to clicking on a spam URL that’s infested with malware or accidentally sending your valued cryptocurrency to fraud addresses. What we aim to achieve with Cloudbric is to provide you that peace of mind so that even if you make mistakes (which can happen), we’ll always be there to actively protect you. In this case, if you accidentally click on a bad advertisement, link, or send crypto to a bad address, we’ll block access or the transfer of funds to these sources that were ultimately added to our threat database. That’s the beauty of Cloudbric in action.
4) This is an excellent question and something we’ve considered internally for a while. The best solution that we came up with is that we will keep fiat payments open for enterprises that would like to utilize Cloudbric, so that our resellers or larger customers will still be able to protect their clients as we make the transition to the full security platform. For general end users, we feel that the need for cybersecurity from the blockchain community will drive our first wave of user acquisition. Once the rest of the general population catches up to the cryptocurrency integration, we will really see our service blossom. This is why we believe our full scale service expansion will occur around early 2020 according to our project roadmap.
5) As you know, our security platform will consist of 4 components: website security, mobile device security, secure wallet, and decentralized threat DB. We’ve completed development for two of these components and are actively available at www.cloudbric.com. As for the mobile device client and secure wallet, they are current in-development with one of them already in QA testing phase. We hope to bring all of these solutions into one consolidated platform by 2019 for initial launch.
In the future, one really exiting project that we hope to work on is the transition to securing IoT appliances. Once we roll out our full platform, we hope to utilize our patented deep learning technology to begin securing communications protocols directly tied to the IoT industry. This would open the door for Cloudbric to secure your connected cars, smart factories, home appliances, etc. in the future.
Stay tuned, big things are coming!
CryptoRocky | -3 points — Will you allow external developers to create new modules that can add to value of system ? If so, will they be compensated?
taejoonj — Yes, of course! Decentralizing our cyber threat database will seen in pretty much two (2) forms. First, the data will be made into free to use tools and resources listed on our Cloudbric Labs page (https://labs.cloudbric.com). Any general end user can visit this page to see all of our attack information being disseminated and aggregated in real time and from there they can take and choose what information is important to them.
Secondly, our database will be made available in the form of custom APIs that enterprises, governmental institutions, or even security developers can use. For example, we certainly do not want to force anybody to use Cloudbric especially if they’ve already invested the time and money to utilize a specific solution prior. What they can do is utilize our APIs to ensure that their current security systems reflect the most up to date and diverse cyber threat information being reporting/discovered around the world. Also, for developers they can utilize this information to potentially create their own tools or plugins to be provided to our user community. This could play a possible role in our Secure Web Alliance network which will be a list of partnering companies that utilize Cloudbric and want to offer exclusive servicing to our users.