Cyber security: How to fix bad files at an early stage

Reactive systems won’t cut it in the age of zero-day threats, says Greg Sim of Glasswall 

“Many enterprises know how many files they have going in and out of the organisation, but not necessarily what’s in them,” says Glasswall Solutions CEO Greg Sim. “For example, pdf files are now commonplace and trusted, but they are also complex.”

Anti-file malware specialist Glasswall has developed what it terms a simple solution to the complex problem of advanced and persistent malware in file-based attacks. Its disruptive technology analysis cleans and protects any type of file – pdf, images, Microsoft Office documents and so on – that can traverse a network, adapting the methodology to the type of document involved.

“We looked at traditional anti-virus systems and most are signature-based and therefore reactive, which will not work in the age of zero-day threats,” says Sim. 

 Glasswall’s software breaks down and examines the structure of an incoming file, taking it back to its binary level and thus providing intelligence on both content and threat footprint. 

It goes on to compare the file’s structure against that of the manufacturers’ specification, carrying out, in the case of a pdf, 3,000 checks, finally using its patented process to regenerate the file into a “substitute, sanitised, policy-compliant and secure file containing only ‘known good’ data”.

 In the event a corrupted structure is found, Glasswall allows for the appropriate actions to be taken, including file destruction or the removal of threats such as embedded URLs, metadata and macros.

 Sim references the recent Adobe attack, saying that “the key thing is that the Adobe Acrobat source has been leaked”, which could mean more pdf vulnerabilities being used to compromise systems.

 Its focus on mobile would take advantage of the recent ‘bring your own device’ trend in enterprises. 

“The mobile environment is a target area for cyber threats, even more so if you think how badly data can be segregated in a mobile handset,” Sim says.

 The UK company, founded in 2006, is looking to license its technology to a number of key players, a move Glasswall believes would significantly enhance their solutions. 

These potential commercial partners include major security product OEMs, PC and network equipment manufacturers, and anti-virus software providers. In the summer of 2012 Glasswall joined anti-virus giant McAfee’s Security Innovation Alliance programme.

 “We could be a big target for those companies,” explains Sim, “because we have a complete solution that can integrate and scale easily into what they already provide.”

 This strategy would, in turn, support Glasswall’s international expansion, especially in the key North American markets. Its go-to-market strategy has, indeed, identified the US as key to its growth, on top of its existing presence in Europe.

 Significantly, Glasswall is also looking to grow in several other sensitive markets such as the government and defence sectors and the mobile arena. 

Glasswall has two board advisers with government sector expertise, one of which is Dr Richard Horne, who has advised the Cabinet Office on its cyber security plan.