Doxreporter Brings Blockchain Storage to Cyber Incident Reporting

In this interview, we speak with Al Wilson about Doxreporter, a newly launched blockchain-enabled mobile cyber incident reporting app. We explore how the project leverages immutable storage to enhance security protocols and discuss its recent Proof of Usefulness score.

What does Doxreporter do? And why is now the time for it to exist?

This is a first-of-its-kind blockchain-enabled mobile cyber incident reporting app. The deployed app version is public, and the enterprise version is adaptable for organizational cyber incident reporting. Incident data can be aggregated and analyzed across organizations to identify soft spots and trends. The app features report sending to multiple emails, mobile reporting with homescreen and desktop install options. Now’s a good time for Doxreporter to exist because organizations increasingly need immutable, verifiable records of cyber incidents for compliance, insurance claims, and internal security investigations.

Who does your Doxreporter serve?

The deployed app version is public with enterprise deployment options available. This is for anyone interested in mobile cyber incident reporting and immutable blockchain storage, with the report link sent to multiple email addresses.

What technologies were used in the making of Doxreporter?

To build a secure and reliable platform, we utilized Neon Postgres for scalable serverless database management alongside Google Cloud Storage (GCS). Authentication and communications were streamlined using Postmark, and the entire application was published on Netlify to ensure seamless deployment and accessibility. Google Auth 2.0 permits contacts access for report sending, and we are using Pinata for IPFS node storage in lieu of Roën chain storage for reasons of ongoing development.

What is the traction to date for Doxreporter?

Having just launched last week, Doxreporter is in the early stages of building a community and generating awareness. The project is primarily tracking its initial engagement through social channels, building an audience and professional network on platforms like Instagram and LinkedIn.

What excites you about this Doxreporter's potential usefulness?

What I find most exciting about this app is that it combines the redundant reporting capabilities that organizations need with immutable blockchain storage for recording metadata for incident investigations and insurance claims. It's also capable of reporting from anywhere and sending report links to multiple email addresses selected from contacts.

Walk us through your most concrete evidence of usefulness.

The single unique feature that distinguishes this application from others in the incident reporting category is the blockchain-enabled backend providing for immutable and tamper-proof report storage accessible from anywhere with a report link. This is considered to be a first in the industry and the web3 backend redundant architecture is expected to be duplicated by competitor apps, using the same feature as a storage option for system-identified critical incidents that warrant immutable recording on the blockchain. It's a capability that strengthens the business case by enhancing report authenticity.

How do you measure genuine user adoption versus "tourists" who sign up but never return?

Everyone needs tourists, especially those who like to shop. If they like what they see, then they become 'adopters'. Free users are appreciated as much as professional and enterprise users, as they are all essential to the ecosystem. The numbers are more critical when the investment exceeds the returns and when the app is used on an exclusively free basis, a circumstance that would necessitate a re-evaluation of the business case.

If we re-score your project in 12 months, which criterion will show the biggest improvement, and what are you doing right now to make that happen?

Numbers will be the indicator for both enterprise users and professionals. We're not relying completely on organic growth with targeted outreach to cybersecurity firms for potential integration into their existing incident reporting and response stack. Other initiatives include social media and professional networking updates.

Since your current metrics for active users and monthly revenue are currently blank, what is your go-to-market strategy to transition from a newly launched app to a widely adopted enterprise solution?

We're not seeking to be adopted as a single solution but rather an augmentation to existing functionalities. The architecture can be deployed in nearly any mobile reporting solution and adapted to the unique reporting requirements of organizations. This describes our enterprise offering in a nutshell, for which we have a development team standing by to provide white-label and customized integrations conforming with client demands.

The Proof of Usefulness report highlighted your immutable blockchain storage for cyber incident reporting as a solid concept. How will you prove this utility to risk-averse organizations looking to upgrade their current reporting systems?

It's already been proven. There is a need for preserving evidence for investigations and insurance claims, and the blockchain offers the most viable solution. The extra layer of security that web3 DApps offer is ideal for cybersecurity reporting requirements. With byte-for-byte duplication from web 2.0 and tamper-proof protocols, the security layer is accessible anywhere with an internet connection. Scrubbing personal and sensitive information from reports addresses any concerns for privacy and confidentiality when considering the nature of storage on a public blockchain. Although this concept may have been previously dismissed on the basis of information sensitivity on a public blockchain, the benefits of immutable storage of non-sensitive metadata for critical incidents outweighs any information security concerns.