Glasswall’s industry-leading Content Disarm and Reconstruction (CDR) technology enables security teams to quickly and effortlessly protect their organizations against file-based threats in a variety of different scenarios.
One such use case is the protection of AWS Amazon Simple Storage Service (S3) buckets, which are at high risk of malware attacks. Unfortunately, traditional solutions such as antivirus and sandboxing are unable to detect file-based threats within them, and this leaves organizations open to the risk of ransomware entering their network.
Our APIs can be used to rebuild files via a simple http request, hence Glasswall’s CDR technology can be integrated into AWS to set up automated file sanitization. Our engineers have created an example solution, detailed in our step by step guide, which gives users insight into what is possible to achieve using Glasswall's API via AWS event notification functionality and Lambda functions. This approach can enable organizations to receive cleaned files into their AWS S3 buckets by limiting the risk of malware upload.
All you need to get started is an AWS account with an IAM role with the correct permissions and authenticated access to Glasswall’s Synchronous API.
By implementing this integration, our customers can protect their AWS infrastructure by sanitizing and regenerating their S3 bucket files in the same format without any malicious content.
What are Amazon Web Service (AWS) S3 buckets?
A bucket is a container for objects stored in Amazon S3, which is a cloud-based object storage service. Many companies host their assets on Amazon S3 buckets, as it offers an effective method to store and backup files and resources and can be used for public facing and private/internal assets. You can store any number of assets in a bucket and can have up to 100 buckets in your account, which means they can hold a significant amount of a company’s confidential data.
Why are S3 buckets a security concern?
As companies continue shifting their infrastructures to cloud-based solutions such as AWS, the potential for security breaches also increases. S3 buckets are a common repository for files and where there are files there are always file-based threats.
Does antivirus offer sufficient protection?
Antivirus and firewall systems use detection-based solutions that can only protect against risks already known to them. This leaves organizations at risk, as bad actors are constantly evolving their techniques and finding new vulnerabilities to exploit. Only files that have been processed by CDR have had threats removed. We don’t try to identify malicious code - we simply remove the ability for it to exist in the document.
What are AWS Event Notifications and Lambda functions?
In AWS, S3 Event Notifications are a feature to receive notifications when certain events happen in your S3 bucket. AWS Lambda is a compute service that lets you run code without provisioning or managing servers. Using these features in combination with Glasswall CDR technology can create a robust and secure system which prevents unknown malware from entering your organization.