In depth review for the November Pangea Hashnode Securathon winners!

Thanks to everyone who participated in the November Pangea Securathon! I was blown away by the 300+ registrants and the diverse array of projects that you submitted in just a short 2 weeks. Your contributions covered such a broad set of ideas and showed great creativity. The Pangea Secureathon not only served as a platform for competition but also as a learning experience for all involved!

Our judging panel included our Co-founder and CTO Sourabh Satish, our Chief Product Officer Rob Truesdell, Developer Advocate Pranav Shikarpur, and myself! Participants were judged based on Innovation, Technical Complexity, Relevance to Pangea, Utility, and Presentation. I’m proud to announce the winners who have demonstrated exceptional creativity, technical skill, and a deep commitment to enhancing cyber security.

Let’s get into our favorite submissions:

First Place: Pommento

Our grand prize goes to "Pommento" developed by Hussain Shaikh. This project was voted first place because it represents exactly what security measures should be taken for any application that has social features, such as user commenting. This project presents a secure comment service that can be embedded into any cloud application. It provides a great example of how Pangea’s Threat Intel services can be used to secure apps that handle user-generated-content (UGI) - in this case comments. Pommento used 7 Pangea services to accomplish this:

• Redact - used to detect profanity in the text and redact it.

• URL Intel - used to look up the reputation of any URLs present in the comment.

• Domain Intel - used to look up the reputation of any domain present in the comment.

• User Intel - used to look up the user’s email to see if it was previously breached.

• IP Intel - used to look up the reputation of the user’s IP.

• Embargo - used to block comments that originate from any sanctioned countries.

• Secure Audit Log - used to record the occurrence of an event, the time at which it occurred, the responsible user or service.

Hussain's work exemplifies the innovative spirit we cherish at Pangea Cyber. Explore more about Pommento at Hussain’s blog post.

Runner-Up: Nexa

Annu’s project, "Nexa," stands out as our first runner-up. We selected Nexa as a runner-up because of its practical applicability to the healthcare industry in general. The use of QR codes to allow a doctor or patient to retrieve medical records is very helpful. It saves time by digitizing the records, and helps ensure accuracy in patient information to avoid situations like prescribing medications that could trigger a known (but unreported) allergy. On the technical front, Nexa implements a novel approach to streamlining server access management. Annu's dedication and innovative use of the 8 Pangea services are commendable. Learn more about Nexa at Annu’s blog.

Runner-Up: CLI for Streamlining Server Access Management

Tegar's submission, a Command Line Interface (CLI) for Streamlining Server Access Management with Pangea Vault and AuthN, is another innovative project. Any technical user operating on a CLI is always on the lookout for convenient and secure secrets and key management. This project takes that capability to the next level by combining Pangea’s Vault via CLI with a great user experience using Pangea’s hosted authentication. The transition between the CLI experience and the hosted authentication is really smooth! Tegar’s expertise in integrating Pangea’s solutions into a CLI tool is a testament to the versatility and power of Pangea’s services. Discover more about Tegar’s project at his blog.

Runner-Up: Compress

Adeyeye George’s "Compress" is a notable entry, focusing on a unique use case in applying security within compressed files. This is a niche use case that is encountered very frequently. The ability to apply Pangea File Intel and File Scan operations to objects within compressed files is an important but often overlooked activity. What is great about Adeyeye’s project though is that she did this with a great user experience. Further, she wrote a PHP SDK for the APIs which was great to see. This project again demonstrates how Pangea's technology can be adapted to a wide range of applications. Read more about Compress at Adeyeye’s blog.

Runner-Up: DisGuard

Finally, Aadarsh’s "DisGuard" impressed us with applying a broad set of security capabilities to user-generated content on Discord servers. This project introduced a convenient way of using Pangea’s Security Services via bot integration on Discord to protect users against malicious URLs and domains exchanged in user messages. Additionally, DisGuard is on the lookout for users exchanging keys and tokens in their messages and using Pangea’s Redact service to ensure that type of sensitive data is not shared in a chat. . This innovative application of Pangea’s technology in a popular communication platform like Discord is a great demonstration of how to integrate security into an application without impacting the user experience. For more details, visit Aadarsh’s blog.

Thanks again to all of the amazing participants. You can see all of the other great submissions here: https://hashnode.com/n/pangeasecurathon and if you haven’t already make sure to check out all of Pangea’s comprehensive API-based security services that enable you to create a safe app experience and accelerate your time-to-market. https://pangea.cloud/