#DigitalDefence Showcase: Team Tardis

#DigitalDefence Hack Winner Showcase

This is the first in a five-part series which will showcase the projects built by the Top 5 winners of the #DigitalDefence Hackathon - the biggest international cybersecurity challenge of 2020!


Team Tardis

 

Arya Anghan, David Sarkies, Mohammed Ilyas Ahmed, Ritu Kumari, Szabolcs (Szasza) Palmer

Team Tardis created a real-time malware detection scanner for all file uploads! They ranked #5 globally across all challenges

Challenge by our premium sponsor IBM: 

DevOps is increasingly incorporating a Security focus, shifting towards DevSecOps. How might a DevOps loop and \“Continuous Integration / Continuous Deployment\” CI/CD approaches be improved to better identify security misconfigurations, improving the ability to catch security issues throughout the development, deployment and ongoing operations lifecycle?

Problem Statement: 

According to OWASP, a malware injection is the #1 risk compromising web applications. Injections can infiltrate a system easily through file attachments.

Motivation: 

Organizations should be able to upload and download files from internal and external sources without worrying about this type of malware.

Solution:

A file upload security solution 


This project works like a water filter – rids the water of pollutants and gives out clean water, all without any work on your part. This solution weeds out the bad files and allows access to only the safe files, all without any additional effort or hindrance in your workflow.

Feature Highlights: 

  • Lightweight and scalable solution

  • Feeds information back to XFE to aid the global effort

  • Easy integration into clients systems
  • Proactive security before the damage occurs as opposed to reactive security that takes place after the attack
  • Aid customers to create a secure pipeline for their own systems

What does it do: 

This is a software solution that can be integrated with existing applications. It monitors file uploads in real-time and detects and prevents malicious actors from gaining footholds in the client’s systems. It does so by verifying the source’s IP address and file hash. It then cross-checks it against IBM’s X Force exchange database. If the IP is found to be malicious, the file is deleted. 

Company costs: 

  • Cloud hosting and server infrastructure

  • Marketing and outreach

  • Administration and overheads

Revenue Stream: 

  • Primary monitoring solution of files

  • Consultancy, penetration testing and security analysis for clients

  • Dedicated human monitoring as a premium service

What do you think about this project? Four more projects will be up in the new few weeks.

Let us know on Linkedin.