The Glasswall Embedded Engine lies at the heart of our suite of CDR solutions. Its various capabilities go above and beyond protection against malicious software. This provides security teams with powerful tools that help organizations comply with data protection regulations, transform file types, identify risky content and much more...
Protect Mode is the core capability of the Glasswall Embedded Engine. It has been developed to disarm malicious files, returning them to their manufacturer’s known good file specification. This includes:
User-configurable policy settings
Content management policies give security teams control over which content types are processed, and how. This allows security policies to match an organization’s security posture at a granular level.
Automatic file corrections
This enables security teams to take advantage of the automatic remediation of a file back to its manufacturer's 'known good' specification. It allows for the automatic removal of any threats hidden within the structure of a file, as well as preventing activation of exploits via the misuse of structural components within a file.
Analysis Mode provides security teams with detailed reporting of all content discovered while the Glasswall Embedded Engine is inspecting a file.
In the event Protect Mode cannot be used (a file cannot be modified in transit), the report generated by Analysis Mode can be used to determine whether any risky content exists within a file.
The contents of this report can be parsed, making it presentable via a UI that simply describes the nature of a file and any actions that performed to secure it.
Glasswall’s CDR Engine can transform and reconstitute complex data formats (documents, images, media, and binary files) into more simple/verifiable ones (SISL/XML). This capability exposes a file’s internal structure, enabling third parties to carry out hardware/software syntactic and semantic verification.
Breaks down the complex data format into its constituent components and converts them into document object models (DOMs) presented as SISL/XML files
The simple format can then be verified and transferred across trust boundaries by hardware devices such as a syntactic verification diode or similar control
The verified simple file format can then be recomposed into the original complex data format
File Type Identification Mode
This enables security teams to accurately determine the true file type, regardless of the presence or the modification of a file extension.
Glasswall’s ability to determine file types ensures that malicious and/or risky files masquerading as safe files are detected during processing.
Word Search and Redact (MS Office)
The Glasswall Embedded Engine can protect organizations against the leakage of sensitive information. Our Word Search and Redact function gives security teams the capability to specify forbidden words – the Embedded Engine then analyses a file and identifies, and then enacts the user defined policy.
The forbidden words are configured via policy, where the type of action to be applied to the matching text is also defined. The supported actions are redact, report or block the file.
Using methods such as regular expressions or by including entire text in the configuration allows security teams detect text at various scopes e.g., words, paragraphs, or sentences.
Glasswall is already developing tomorrow’s protection solutions. We have a number of patents that will allow us to evolve our industry-leading protection capabilities, keeping us one step ahead. The following capabilities are in the pipeline for release in the near future:
Word Search and Redact (other text-based formats)
Glasswall will roll out the capability to other file formats to enable the search and redaction of forbidden words in formats such as PDF.
Glasswall Lens will enable the detection, blocking and reporting of image content (in standalone images and embedded in documents). The plugin employs cutting edge AI models to detect various image categories such as harmful content and sensitive information. Glasswall will present this information as a probability rating and provide administrators with the ability to block files containing such content.
Company registered number: 05573793 | Company registered address: 85 Great Portland Street, London, W1W 7LT