PolySwarm

This page is available in English.

このページは日本語でもご利用いただけます。

简体中文版

繁體中文版

Latest News: Threat hunting is live!

Read the Article

Crowdsourced threat detection

Analyze suspicious files, at scale, millions of times per day. Get real-time threat intelligence from a crowdsourced network of security experts and antivirus companies.

Scan your first file

Scan suspicious files with PolySwarm’s marketplace

Welcome to the PolySwarm marketplace, where security experts and AV companies compete to protect you.

scan file

The power of the crowd

Malware and threat scanning engines, built by security experts and AV companies around the world, converge at a single access point - the PolySwarm marketplace - and work 24/7 to help enterprises detect threats and get intelligence about suspicious digital artifacts (files, URLs, network traffic, etc.).

scan results

Incentivized competition: bug threat bounties at scale

A Threat bounty is an economic reward offered in exchange for an accurate prediction on the maliciousness of a digital artifact (URL, file, network traffic, etc.). In the PolySwarm marketplace, Threat Bounties incentivize a crowdsourced network of security experts and antivirus companies to accurately tune their microengines and compete to protect enterprises.

Enterprises and MSSPs submit, via API, millions of suspicious artifacts, daily, to PolySwarm’s marketplace.

submission
Next Step →

Microengines scan and provide assertions (malicious or benign) for all artifacts that fall within their expertise. They put their money where their mouth is: along with each assertion, they are required to stake tokens to signal their level of confidence.

As seen in Engine D, engines are not required to assert on all artifacts and can "pass" when uncertain or outside their expertise.

compete
Next Step →

Once the Microengines have reached a verdict, all assertions are funneled back to the customer.

enterprise verdict

The consensus verdict of the network, malicious or benign, is passed back to the customer.

mssp verdict
Next Step →

In one to two weeks the PolySwarm protocol converges on ground truth for that decision.

Next Step →

Engines that made the right assertion are proportionally rewarded (to the amount staked) with the tokens staked by the engines that were wrong, plus a portion of the enterprise subscription fees.

reward

What makes us different

  • Specialized expertise

    Unlike other multiscanner aggregators, PolySwarm offers the lowest barrier to entry for individual security experts who have actionable intelligence on threats. The Marketplace offers a ‘swarm’ of smaller infosec shops and security experts access to a vast stream of malware samples and a large market to monetize their niche expertise, simultaneously helping to expand PolySwarm’s coverage of the threat landscape.

  • Economic incentives & penalties

    Security Experts’ engines get paid to be right, but are also required to put their money where their mouth is when making predictions. This economic pressure incentivizes specialization, and results in higher Signal-to-Noise ratio.

  • Transparency

    Every supplier’s track record is stored in a blockchain, visible by all, editable by none. PolySwarm provides an objective way to track supplier performance over time, based on their field of expertise.

  • Private communities

    We are introducing the concept of private -invite only- communities, keeping artifacts in the hands of a selected set of participants. In addition, PolySwarm supports "anonymous" participation - only an ethereum address is absolutely required.

traditional approach PolySwarm approach

How we compare

VirusTotal PolySwarm
Suppliers Antivirus companies Antivirus companies and diverse security experts
Coverage Must deliver overlapping core coverage Rewards based on accuracy and specialization
Confidence (SNR) Must respond to all files, even if unsure Selectively respond with confidence
Barrier to entry Engine with broad coverage, established customer base No restrictions - anyone with codified threat detection software can participate
Privacy Customers can see everything from anyone Anonymous participation and private communities

Join the marketplace

For enterprises
and businesses

Learn more

For security experts
and AV companies

Learn more