The Big Cyber Challenge
In short, complex systems will always have behaviours we don’t understand, and many of these are likely to be ones we don’t want. What attackers do is find some of these odd behaviours and use them to damage your business. Defenders try to find them too, but generally defenders cannot keep up with the attackers.
Deep Secure chooses not to – divide and conquer is our strategy. Divide complex systems into separate sub-systems that communicate in simple ways. Put the security controls onto the boundaries between the sub-systems where the simplicity means the defenders have the advantage over the attackers.
This is where Deep Secure is unique and wins where others cannot. Meaning you can rely on us to give you content security for the parts of your business that need it.
When it comes to cyber security, one size does not fit all. Some areas of your business warrant better protection than others. In some places a cyber security failure will be inconvenient and recovery will be swift, while in others a failure will put you out of business.
The answer is to divide your business into zones.
This allows you to apply the exact level of control needed to each area of the business.
Users inhabit some zones but others provide a pure compute function. Some zones will contain your information ‘crown jewels’, while others will be where you process potentially dangerous data. What the security mechanisms do is control access to these zones and the way business information flows between them.
Zoning in Action
Our Content Threat Removal platform controls the flow of information content between zones to prevent attacks passing from one to another and stops sensitive information leaking out.
By working at the business level, Deep Secure products ensure the business functions efficiently when split into zones, and only attacks and leaks are blocked.
Attackers hide their attacks in the content you receive and sensitive information leaks out in the content you release. So to remove the content threat, Deep Secure’s technology has to understand what content is made of.
A superficial check of such content is ineffective to tackle the threat – it is necessary to recursively decompose the structure down to the byte level.
This is what our technology does, hunting for executable code and hidden information. Going this deep is essential, because flaws in applications can mean unusual “ordinary” data can get executed and there are plenty of opportunities for information to be “lost” in the detailed structure.
To remove the content threat, recursive decomposition of content is essential. But this means the security checks need to handle content with complex structure provided by a potential attacker. Complexity is always hard to handle, so there’s a risk that the checkers themselves become a target for attack, providing the attacker with an indirect way into the system.
Our solution is to use a simple content verifier that works with simple data structures, but to make this work received complex data must first be transformed into a simple checkable structure. After verification, the simple data is further transformed into a complex format ready for delivery.
The transformations are still complex, but by building the defences right it is possible to avoid relying on them – the simple verifier is the only security critical component.
Want to go deeper?
If you’d like to find out how simple it is to defeat the unknown, contact the Deep Secure team and get our experts to answer your questions in a little more depth or arrange a demo - please get in touch.