Validating the Payload

In the blog Secure Delivery of a Payload we discussed how secure information exchange consists of two distinct elements: the information you need to convey – the payload, and the technical method used to carry the payload – the protocol. Attackers wishing to break into your network can exploit either of these: the protocol or the payload.
Continue reading “Validating the Payload”

Secure Delivery of a Payload via a Protocol Break

A secure information exchange consists of two distinct elements: the information you need to convey – the payload, and the technical method used to carry the payload – the protocol. Attackers wishing to break into your network can exploit either of these: the protocol or the payload.

In this blog we briefly look at protecting protocol-based attacks. In a future blog we will look at content-based (payload) attacks.

Continue reading “Secure Delivery of a Payload via a Protocol Break”

Nexor Merlin – PDF Wizardry in G-Cloud

In the blog Documents: a Hackers Gateway to your Enterprise I discuss a new approach to reducing the risk of malware embedded in documents, as anti-virus solutions are no longer that effective.

The concepts introduced in the blog are now expanded upon in a Nexor Briefing document Preventing Document-Based Malware from Devastating your Business.

Continue reading “Nexor Merlin – PDF Wizardry in G-Cloud”

PDF Security: protection from zero-day content-based malware attacks

Nexor have just released a press statement about a new approach to protecting against PDF viruses and file based malware that has been incorporated into Nexor Merlin. In the press release I am quoted as saying:

“Current Antivirus technology has reached the plateau of what it can achieve. The combination of Nexor and Glasswall technologies provides a new approach that is not dependent on signatures that describe what is known to be bad historically. This enables customers to have confidence that they are protected from the next Beebus like zero-day attack hidden in documents.”

In the coming months I will blog more details about using content security techniques to enable the safe use of PDF, reducing the risk from PDF malware.