Files as Attack Weapons: Glasswall’s Strategy Focuses on ‘Known Good’ to Secure Documents

Glasswell CTO, Sam Hutton talks about using ‘known good’ to provide protection against document-based cyberattacks

Why Glasswall?

The key selling point of Glasswall is that we are looking for good, and are enforcing good within business documents. We are able to apply true zero-day protection. We see that across many of our customers’ sites where we actually stop threats days ahead of traditional antivirus solutions which look for bad.

Since we are looking for good, we perform thousands of checks as we go through our regeneration process. We can tease out a lot of details in terms of how a file is structured, and a lot of our customers feed that intelligence into their security operation center, and start to blend that with other real-time information to help provide them with indicators of compromise. This allows them to focus their resources on where the threats actually are, in a proactive manner, rather than reactively, as with traditional security solutions.

Not Your Typical Security Concern

We don’t have a problem educating the larger enterprises who are sophisticated and look at risk differently.  As you go down the scale to the smaller enterprises, there is a perception among them that they have the standard heuristic type of approach, and so they are protected. We have repeatedly observed that they are actually not protected with these traditional-based approaches, and it is only by looking for, and enforcing good that you are able to apply that protection.

Attack Types

What we tend to see is really nasty advanced persistent threat which would take advantage by malforming the structure or building blocks of documents. This causes the endpoint readers, such as Adobe and Microsoft Word, to exploit issues within that software.

Files as Attack Weapons

Attacks such as DDoS are very visible, and even though ISPs and some of the larger network providers have mitigations against those – when attackers succeed, it is very visible. The challenge with the business PDF or Word document attack is that these documents are the lifeblood of the organizations and it is very difficult to put policy around them. Even if you don’t know an employee within your organization, if you send them a PDF file, 9 times out of 10, they will open that document. They are very hard to detect, hard to stop, and very effective for gaining a foothold into an organization.

One of the big things for us is striking a balance between security and business continuity, so one of the key differentiators with Glasswall is that it will disarm a file, disarm an attack, and still deliver a sanitized and safe document to the end user.

Glasswall is a privately funded UK company that has been operational for six years.

 

Profile

Speaker: Sam Hutton, CTO, Glasswall Solutions

Over 15 years experience delivering and operationalizing cutting-edge technology solutions across a number of sectors including financial, security and defense.

glasswallAbout Glasswall

Glasswall Solutions Limited, a UK-based company, has developed a disruptive, innovative and ground-breaking security technology which provides unique protection against document based cyber threats. The Glasswall patented technology changes the security paradigm of signature based defenses, to allow only ‘known good’ in business documents. Unlike signature-based technologies Glasswall is able to eliminate all types of document attacks and zero-day malware.