Bitcoin Forum

SECURE PLANET
"Github" for IoT Security

Secure Planet is the world’s first decentralized security knowledge base. We aim to build the largest crowdsourced security knowledge base, making everyone’s life more secure by ensuring security in all IoT devices and connected cars. Open Source Software (OSS) is plagued by various security issues that no one is incentivized to solve. By crowdsourcing security vulnerability reporting and utilizing tokenized incentives, Secure Planet aims to secure the next generation of IoT devices.

---

WEBSITE: http://secureplanet.io

FACEBOOK: https://www.facebook.com/secureplanetio
TWITTER: https://twitter.com/secureplanetio
REDDIT: https://www.reddit.com/r/secureplanetio

TELEGRAM (ENGLISH): https://t.me/secureplanetio
TELEGRAM (CHINESE): https://t.me/secureplanetio1

---

SECURE PLANET PARTNERS

Insignary: https://www.insignary.com
BearingPoint: https://www.bearingpoint.com/en-us
bkl BAE, KIM & LEE LLC: http://www.bkl.co.kr/main/en/main.jsp#law/main.jsp
O'Melveny & Myers LLP: https://www.omm.com

INSIGNARY CLIENTS & PARTNERS

AhnLab: https://global.ahnlab.com/site/main.do
Panasonic: https://www.panasonic.com/global/home.html
KISA: https://www.kisa.or.kr/main.jsp
Ruijie Networks: https://www.ruijienetworks.com
Hitachi Solutions: https://web.hitachi-solutions.com

---

OPEN SOURCE IN THE INTERNET OF THINGS

• 77% of IoT codebases is comprised of OSS on average
• 677 known OSS related vulnerabilities per IoT device on average
• 99.9% of hacking exploits use known security vulnerabilities

---

OUR VALUE

Blockchain Database
Creating an immutable database that is managed by a decentralized community. Empowered by the blockchain, Secure Planet’s vulnerability database will become the largest, most up to date, and most accurate security database.

Crowdsourced Knowledge
Secure Planet utilizes the wisdom of the crowd. The security database will act as an open knowledge base similar to Github, where the OSS security community can contribute their knowledge. The decentralized library will surpass any centralized information gathering efforts.

Tokenized Incentives
With no clear compensation structure, there is a lack of motivation to report OSS vulnerabilities. Secure Planet solves this issue through a scalable token-based reward system, rewarding users with tokens for reporting and validating vulnerabilities.

Interface and API
The Secure Planet database aims to become the largest library for known vulnerabilities. Because of the massive size of data, the database will be accessible through an intuitive GUI interface and API queries. It will be accessible in real-time.

---

CORE COMPONENTS

IoT Specialized Open Source Software
Secure Planet is uniquely positioned to provide IoT OSS usage statistics that are crucial for bounty prioritization and optimization of vulnerability reporting.

Insignary Technology:

• Custom Binary Scanner: Enterprise solution to scan IoT firmwares, mobile app, etc. to identify used OSS & its security issues.
• Patented Fingerprint Technology: Higher degree of accuracy and wide range of coverage vs. competitors due to unique fingerprinting technology.
• Real-Time Vulnerability Monitoring: A tool that provides continuous monitoring of vulnerability exposure of IoT device to manufacturers and users.

---

TEAM

Tae-Jin (TJ) Kang (CEO)
Samsung Electronics
Korea Telecom
University of Toronto
https://www.linkedin.com/in/tae-jin-tj-kang-b373a75

Sihaeng Cho (CTO)
AhnLab
Hancom
Hanyang University
https://www.linkedin.com/in/sihaengcho

Taek Wan Kim (COO)
Hyundai
Black Duck Software Korea
Yonsei University
https://www.linkedin.com/in/taek-wan-kim-90aab63

Mahnjoon Jang (CFO)
LG Venture Partners
M-Ventures
SNU, KAIST
https://www.linkedin.com/in/mahnjoon-jang-bba498166

Mike Pittenger (CSSO)
Veracode
Black Duck Software
Dartmouth College
https://www.linkedin.com/in/mike-pittenger

Bo Ahn (CPO)
Boston Consulting Group
Oracle
New York University, Washington University
https://www.linkedin.com/in/bo-ahn-2644612/

---

ADVISORS

Andy Tian
Founder of GIFTO Project
CEO Asia Innovations Group
https://www.linkedin.com/in/andytian

Dr. Jin Ho Hur
VC, Serial Entrepreneur
SEMA Translink, Neowiz
https://www.linkedin.com/in/hurjinho

Ed Ho
Samsung Electronics
X.com (Paypal) Co-founder
https://www.linkedin.com/in/ed-ho-bb563

Claus-Peter Wiedemann
OSS Expert
Linux Foundation, BearingPoint
https://www.linkedin.com/in/cpw01

Youngjin Seo
OSS Expert, Entrepreneur
Intel, MIZI Research
https://www.linkedin.com/in/youngjin-seo-9695724b

Claus Nehmzow
Digital Innovation Leader
BP, Booz Allen Hamilton, Accenture
https://www.linkedin.com/in/clausnehmzow

William Weiss
Executive Advisor to Boards
Ericsson, IBM, Silicon Image
https://www.linkedin.com/in/william-weiss-a68511b9

Janae Stow Lee
Enterprise Sales & Marketing
Quantum, Dell-EMC, IBM
https://www.linkedin.com/in/janaestowlee

  yesterday, I saw your presentation. good luck

I like the concept and advantage of your project. I see the value and core components of Secure Planet platform very promising and interesting. Secure Planet brings a good innovation for IoT devices.  ;)

The ICO scheme looks very promising in my opinion this is the most favorable distribution of income

This is very good project, thanks for your project and wish you best of luck.

Better IoT Security Through Crowdsourced Databases – Welcome to Secure Planet
http://secureplanet.io/319/better-iot-security-through-crowdsourced-databases-welcome-to-secure-planet

Welcome to Secure Planet, the developers of the world’s first decentralized security knowledge database. We like to call ourselves the Github of IoT security. Our mission is to build the largest crowdsourced security vulnerability information database to make everyone’s lives secure by ensuring security in all IoT devices and connected cars.

Does your project have a product? or everything is still in the paper? Do you have any advantage to impress the investors?

Watching this thread the concept is pretty cool so I also think this will be successful project. The team is looking credible and escrow is also legit so this project will make new history when it will offer.

Blockchain Week in Seoul – July 17th – 22nd, 2018
https://secureplanet.io/392/blockchain-week-in-seoul-july-17th-22nd-2018

Amidst the frenzy surrounding blockchain technology and cryptocurrency investments, our CEO Tae-Jin Kang and CSO Andrew Jang successfully delivered the Secure Planet mission – to ensure security in all IoT devices and connected cars by building the largest crowdsourced security vulnerability information database.
We plan to continue this momentum during our future roadshows across Asia at the end of August.

Secure Planet at Blockchain Accelerate Conference
https://secureplanet.io/380/secure-planet-at-blockchain-accelerate-conference

On July 31st, 2018, Blockchain conference specialist BLOCK SQUARE held the “Blockchain Accelerate Conference” in Seoul, South Korea. Our CSO Andrew Jang had the opportunity to present Secure Planet's mission and technology at the event.

this is the big project that i was see. and i see too many people join with this team. i will follow about the update of this project.

a project being watched by many investors. With the strong team they are developing the project with a new, intimate and convenient platform, easy to use. With the clear roadmap I believe in the success of the project in the near future, people should not miss this opportunity.

Secure Planet for Connected Cars
https://secureplanet.io/746/secure-planet-for-connected-cars

By creating the decentralized Secure Planet OSS Security Database (SPDB) and activating the SPX tokenized incentive system, Secure Planet will provide this alternative system of vulnerability reporting and verification to help secure connect car industry.

Introducing Secure Planet's First Partner, Insignary
https://secureplanet.io/869/introducing-secure-planets-first-partner-insignary

By collaborating with Insignary, Secure Planet can pinpoint which OSS projects are most commonly deployed in IoT applications and calculate the appropriate bounty prices based on the usage popularity of each OSS project.

Any chance project team is making some sort of  interview with team members to boost an investor confidence and to share their vision of maecenas goals?

"IoT device" and "crypto-currency" have high affinity. Together they are easy to collaborate because of technologies that will be developed together.
As for cars, I feel that private ownership decreases and public ownership, that is, sharing increases. In that case, "crypto-currency" will instantly reflect the authentication, activation, comfortable temperature, music, seat setting etc. from the user's previous record. In this way, all processes are executed with one coin. This is the future we want.
Please develop without stopping, I expect it.

LIVE CoinInterview episode coming soon!

Meet Tae-Jin (TJ) Kang, CEO and Co-Founder of Secure Planet
https://secureplanet.io/900/meet-tae-jin-tj-kang-ceo-and-co-founder-of-secure-planet

The Secure Planet team consists of entrepreneurs and industry professionals with expertise in the areas of technology, open source software, security, venture capital, who have also served in leadership positions at global corporations.
TJ Kang is the CEO and Co-Founder of Secure Planet, and the instigator of our initiative.

Secure Planet in Your DevOps Process
https://secureplanet.io/894/secure-planet-in-your-devops-process

For the many enterprises that heavily leverage OSS, Secure Planet will provide an SDK that will enable automated queries to the SPDB. As a result, organizations can integrate regular SPDB queries into their DevOps process.

BearingPoint Signs MOU With Secure Planet
https://secureplanet.io/1031/bearingpoint-signs-mou-with-secure-planet

A key ingredient to ensure the success of a new organization is the people who believe in and are willing to contribute to the organization’s vision.
Secure Planet is happy to announce that at this early stage, we have found a partner who supports our mission and will help us manifest it into a reality.

Secure Planet Launches on GitHub to Share Project Development and Expand Online Presence
https://secureplanet.io/1067/secure-planet-launches-on-github-to-share-project-development-and-expand-online-presence

As the self-proclaimed GitHub of IoT security, Secure Planet is happy to announce that we have officially launched our GitHub profile. We have so far uploaded our progress on the POC and will continue to share future development on this platform.
Check out our GitHub here: https://github.com/secureplanetio

Secure Planet’s CEO Tae-Jin Kang Featured on MBN
https://secureplanet.io/1163/secure-planets-ceo-tae-jin-kang-featured-on-mbn

MBN recently conducted and published a Q&A with Secure Planet’s CEO Tae-Jin (TJ) Kang, to learn how he and his team are helping secure thousands of business applications around the world.

Meet Our Advisors: Andy Tian and Jin Ho Hur
https://secureplanet.io/1187/meet-our-advisors-andy-tian-and-jin-ho-hur

Secure Planet is fortunate to have a team of advisors who each possess specific skill sets that bring value not only to the our ICO, but to the continuing success of the Secure Planet initiative.

Looking for the status also. Browsing their website but to no avail. Can someone give the link what's going on with the development of their product?

Secure Planet in Shanghai for International Blockchain Week
https://secureplanet.io/1247/secure-planet-in-shanghai-for-international-blockchain-week

From September 10th to 12th, the Secure Planet team will be travelling to Shanghai for Blockchain New Economy: Tech Exploration – the 4th Global Blockchain Summit.

I'm also looking for them, hope someone provides it to me

Secure Planet on Bitnews Today: Crowdsourced Blockchain Security Solution
https://bitnewstoday.com/market/technology/over-14-000-new-vulnerabilities-reported-in-2017-how-blockchain-to-improve-the-cybersecurity/

Thanks for your interest in Secure Planet. Currently, we are focusing on product development over public marketing. We have already completed our PoC (Proof of Concept) and have uploaded code on Github (https://github.com/secureplanetio).

Feel free to follow our progress in the Secure Planet chatroom (https://t.me/secureplanetio).

Check Out Our Article on Bitnews Today: Crowdsourced Blockchain Security Solution
https://secureplanet.io/1256/check-out-our-article-on-bitnews-today-crowdsourced-blockchain-security-solution

Despite its considerable merits, open source is known to harbour vulnerabilities that are difficult to identify and track, highlighting the need for better vulnerability information to implement proper risk management.

Secure Planet at Blockchain Seoul Expo
https://secureplanet.io/1356/secure-planet-at-blockchain-seoul-expo

Earlier this week, leaders of the blockchain community from all around the world (including our CSO Andrew Jang!) gathered at Blockchain Seoul Expo to discuss developments in the global Crypto valley and economy.

Featured on Bitnews Today: The US and Chinese National Databases Withhold Vulnerability Information. Decentralized Database Can Deal With It
https://secureplanet.io/1333/featured-on-bitnews-today-the-us-and-chinese-national-databases-withhold-vulnerability-information-decentralized-database-can-deal-with-it

The second part of our article series on Bitnews Today points out the deficiencies of today’s government-sponsored, centralized vulnerability databases, and outlines the steps we must take to build an alternative and decentralized database of vulnerability information.

Secure Planet Visits Shanghai for International Blockchain Week (Photos)
https://secureplanet.io/1371/secure-planet-visits-shanghai-for-international-blockchain-week-photos

Check out some photos of Secure Planet's attendance at the 4th Global Blockchain Summit in Shanghai.

It's very strange that such a project with such advisors does not enjoy such popularity. Like and with the community, the connection is good but the result is not very obvious. Maybe it's worth a little advertising to add or run some kind of competition?
And what is this special patent for fingerprint technology? Is he registered in the US? So he has a number on which you can find in the register of the government?

You’re correct. We are a major project, but we are currently still in stealth mode. Congratulations on being an early adaptor! We are aligning all the pieces before we start marketing. So please subscribe to our newsletter on our website (https://secureplanet.io).

Regarding our patents, our American patents are currently being processed. The application numbers are 15858119 and 15884901, however they are unable to be searched for at this time due to their pending status. Our Korean patents (10-2017-0118840, 10-2017-0127693) are also being processed.

Our fingerprinting technique was featured in CSO articles, reported by ACI (American Consumer Institute) using Insignary’s tool Clarity. Check out the two articles below:

1. Open-source reuse has left Android’s most-popular apps laced with critical vulnerabilities
https://www.cso.com.au/article/647313/open-source-reuse-has-left-android-most-popular-apps-laced-critical-vulnerabilities/

2. You can’t secure your network without securing your routers - and your user’s routers
https://www.cso.com.au/article/647396/can-t-secure-your-network-without-securing-your-routers-your-users-routers/

The Secure Planet Economy – Who Keeps it Running?
https://secureplanet.io/1292/the-secure-planet-economy-who-keeps-it-running

Secure Planet’s data-rich, accurate, and affordable security knowledge base crowdsources vulnerability information and remediation instructions, incentivizes contributors with token rewards, and provides users with an easy-to-use interface. Our ecosystem involves two groups of actors – information contributors and database users – who ensure the continual operation of the Secure Planet economy.

Sounds great. We'll see how it goes further if the patents approve and I am sure that it will be necessary to launch the advertisement. Such a project is needed by the market, although you have quite a few competitors right now. If you need a translation into Russian or Hebrew for local topics, please contact.

Featured on IT Chosun: Secure Planet Begins Private Sales
https://secureplanet.io/1446/featured-on-it-chosun-secure-planet-begins-private-sales

This blog post is a translation of IT Chosun’s feature on Secure Planet titled “Incentivizing White Hat Hackers With Cryptocurrency: Secure Planet Begins Private Sales."

Secure Planet at SF Blockchain Week
https://secureplanet.io/1467/secure-planet-at-sf-blockchain-week

This week, Secure Planet will be in California for SF Blockchain Week! Described as “blockchain event of the year,” this program seeks to push the boundaries of blockchain innovation and integration by providing world-class education for both consumers and developers.

Secure Planet Announces Its TGE to Power the First Crowdsourced, Security Vulnerability Knowledge Database
https://secureplanet.io/1471/secure-planet-announces-its-tge-to-power-the-first-crowdsourced-security-vulnerability-knowledge-database

PRESS RELEASE: By democratizing security vulnerability reporting and utilizing tokenized incentives, Secure Planet aims to better secure Open Source software, with an emphasis on projects critical to the next generation of IoT devices.

Featured on RFID Journal: Better IoT Security Through Crowdsourced, Blockchain-Driven Platforms
https://secureplanet.io/1494/featured-on-rfid-journal-better-iot-security-through-crowdsourced-blockchain-driven-platforms

We were featured on RFID Journal. Check out the link above for an abridgement of our bylined article, “Better IoT Security Through Crowdsourced, Blockchain-Driven Platforms,” written by Secure Planet’s CEO Tae-Jin (TJ) Kang.

Will the incentive for new vulnerability discoveries, the award, or the amount of tokens to be gained, be consistent with the complexity of the vulnerability encountered?

The amount of tokens Secure Planet awards to contributors will vary depending on each individual case.

Two major factors will determine the amount of awarded tokens. They are as follows:

• Popularity of the open source software containing the vulnerability - the higher the usage and/or adoption rate of the open source project, the higher the token amount

• Vulnerability severity ranking - the more critical the vulnerability, the higher the token amount

Featured on ZDNet: Using Blockchain to Detect Open Source Security Vulnerabilities
https://secureplanet.io/1508/featured-on-zdnet-using-blockchain-to-detect-open-source-security-vulnerabilities

Secure Planet was featured on ZDNet Korea. The article includes a Q&A with Secure Planet’s CEO Tae-Jin (TJ) Kang, COO Taek Wan Kim, and Chief Security Strategist Mike Pittenger.

Mike Pittenger and Claus-Peter Wiedemann at Secure Planet Technology Workshop
https://secureplanet.io/1532/mike-pittenger-and-claus-peter-wiedemann-at-secure-planet-technology-workshop

Earlier this month, we hosted a week-long Secure Planet technology workshop at our home office. We were fortunate enough to have our Chief Security Strategist Mike Pittenger and advisor Claus-Peter Wiedemann fly in from the U.S. and Germany respectively to participate in the event.

Meet Andrew Jang – CSO of Secure Planet
https://secureplanet.io/1550/meet-andrew-jang-cso-of-secure-planet

The Secure Planet team consists of entrepreneurs and industry professionals with expertise in the areas of technology, open source software, security, and venture capital. Andrew Jang handles the communication for and execution of all our strategic initiatives.

Secure Planet Releases White Paper – Available on Our Website!
https://secureplanet.io/1568/secure-planet-releases-white-paper-available-on-our-website

The Secure Planet white paper delves into the inherent issues of Open Source Software (OSS). In particular, the lack of incentive to fix publicly known security flaws. It explains, in depth, how the SPX tokenomics has been designed to incentivize the active reporting and remediation of vulnerabilities. The white paper will act as the primary manifesto for the next generation of IoT device security.

Thanks for the info.

Secure Planet FAQ #1: How Many Tokens Can I Earn as a Contributor?
https://secureplanet.io/1586/secure-planet-faq-1-how-many-tokens-can-i-earn-as-a-contributor

The popularity of the open source software project and the severity of the detected vulnerability will determine the amount of tokens a contributor can earn.

Secure Planet on Coin Interview – November 6 @ 7PM Pacific Time
https://secureplanet.io/1602/secure-planet-on-coin-interview-november-6-7pm-pacific-time

Tune in to watch the Q&A with our CSO Andrew Jang and learn more about Secure Planet’s mission, technology, and next steps.
https://www.youtube.com/watch?v=qsOSpCiwvzk

Bite-Sized White Paper #1: IoT Security Trends and Challenges
https://secureplanet.io/1614/bite-sized-white-paper-1-iot-security-trends-and-challenges

The Bite-Sized White Paper series breaks down the Secure Planet white paper into shorter, digestible pieces so our readers can better understand what drives our mission.

Bite-Sized White Paper #2: Open Source Software is a Low Hanging Fruit
https://secureplanet.io/1627/bite-sized-white-paper-2-open-source-software-is-a-low-hanging-fruit

In the second edition of these series, we weigh the merits of open source software against its risks - the combination of which make it a low-hanging fruit for hackers.

Who decides whether a discovered vulnerability is severe or not? That's a process that can hardly be judged highly objectively. What does the scale for the ranking look like?

How Can Blockchain Technology Prevent IoT Security Breaches?
https://secureplanet.io/1636/how-can-blockchain-technology-prevent-iot-security-breaches

Blockchain promises individuals control over their own information, which is why Secure Planet will leverage this technology to create our vulnerability database.

The severity of the security vulnerabilities, like the reporting of vulnerabilities themselves, will be determined through a crowdsourced voting process. Voting will take place for ten days and contributors must vote for one of two outcomes: 1) yes, the vulnerability is accurate and should be included in the database, or 2) no, the vulnerability not accurate and should be rejected from the database.

The “Yes” voters must also assign the “Vulnerability Score” using the CVSS calculator at
https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L. Their submissions will be averaged out to derive the official Vulnerability Score.

Once Secure Planet reveals the majority vote, the verifiers who voted on the winning outcome will be rewarded with SPX and Rep Tokens. Verifiers who chose the losing vote will lose Rep Tokens and receive no SPX.

Bite-Sized White Paper #3: The First Bug Bounty Program for Open Source
https://secureplanet.io/1660/bite-sized-white-paper-3-the-first-bug-bounty-program-for-open-source

In this edition of the Bite-Sized White Paper series, we explore the need in the market for a security solution that prioritizes OSS – and how Secure Planet can fill this gap.

Secure Planet FAQ #2: Who Determines the Severity of a Vulnerability?
https://secureplanet.io/1670/secure-planet-faq-2-who-determines-the-severity-of-a-vulnerability

The severity of the security vulnerabilities, like the collection of vulnerabilities themselves, will be determined through a crowdsourced voting process.

Does anyone hold a majority in the network in the beginning or is the network more or less evenly distributed?

How to Whitelist The Secure Planet Team
https://secureplanet.io/1704/how-to-whitelist-the-secure-planet-team

If you experience trouble viewing Secure Planet newsletters in your main inbox, read on to find out how to whitelist our email address – secureplanet@secureplanet.io – for Gmail and Outlook.

Featured on JoongAng Ilbo: Using Blockchain to Address Open Source Security Vulnerabilities
https://secureplanet.io/1711/featured-on-joongang-ilbo-using-blockchain-to-address-open-source-security-vulnerabilities

Joongang Ilbo sits down with our CEO Tae-Jin Kang to discuss Secure Planet, as well as his experiences that led to the development of our initiative.

For the on-chain network, we are building our DApp on an existing platform. As a result, the network distribution will reflect the platform’s policies.

As for the off-chain server, we are leveraging our partnerships to host it. The network will be evenly distributed among partners, and we plan to increase our partnerships.

Bite-Sized White Paper #5: Tokenized Incentives Prevent Inaccurate Cataloging
https://secureplanet.io/1730/bite-sized-white-paper-5-tokenized-incentives-prevent-inaccurate-cataloging

In this edition of the Bite-Sized White Paper series, we delve into the Secure Planet Tokens, the currency that flows through the Secure Planet ecosystem.

The code being opened, whoever finds bugs or some vulnerability in the code, the reward will also be high? For example, I find a vulnerability in popular open source software developed by Secure, so the award will be high?

The bounty price is determined by the usage level of the open source project that contains the reported vulnerability. The more widely the open source project is used, the higher the bounty price of the associated vulnerability.  In addition to the bounty, reporters may also receive a severity bonus. This additional remuneration will be awarded based on the severity and impact levels of the submitted vulnerability, determined by Secure Planet’s verifying community.

Bite-Sized White Paper #6: Secure Planet Rep Token
https://secureplanet.io/1757/bite-sized-white-paper-6-secure-planet-rep-token

In this edition of the Bite-Sized White Paper series, we explore Secure Planet's Rep Tokens - what they are and how to acquire them.

Meet Liz, Manager of Marketing at Secure Planet
https://secureplanet.io/1770/meet-liz-manager-of-marketing-at-secure-planet

Liz Ma is the Manager of Marketing at Secure Planet and an expert in customer relations, frequently communicating with experts in open source software industries all over the world.

Bite-Sized White Paper #7: Avoiding the “Chicken Versus Egg” Scenario Part 1
https://secureplanet.io/1777/bite-sized-white-paper-7-avoiding-the-chicken-versus-egg-scenario-part-1

In this edition of the Bite-Sized White Paper series, we discuss how Secure Planet plans to equip its database with both repository content and contributor attention.

Why Are We Failing to Properly Manage Open Source Software Security?
https://secureplanet.io/1790/why-are-we-failing-to-properly-manage-open-source-software-security

Open source software drives innovation. But without proper management, it can also expose the consumer, commercial and industrial customers to privacy violations and data theft.