Case Study: Waves Enterprise achieves hardened blockchain security with Kaspersky Lab

Assessing blockchain platform to secure enterprise data and infrastructure

Waves Enterprise, a hybrid blockchain platform for enterprise and public-sector projects, needed to ensure the confidentiality, immutability and resilience of millions of records and integration with existing IT infrastructure. To validate the application-side security of its platform and avoid risks in production, Waves Enterprise engaged Kaspersky Lab for a Blockchain/Application Security Assessment and code testing as part of its development lifecycle.

Kaspersky Lab performed black- and grey-box testing, code assessment and demoed exploit scenarios, uncovering issues such as username enumeration in the “Forgot Password” flow and critical vulnerabilities in OS/Docker images and third‑party libraries that could lead to denial of service or data disclosure. Kaspersky Lab supplied payloads and attack scripts for automated testing, guided remediation, and verified fixes in a follow-up assessment; Waves Enterprise released version 1.2 in March 2020 with confirmed improved security, reduced operational risk and greater customer confidence.

Waves Enterprise

Artem Kalikhov

Chief Product Officer