Use Cases

Defence and Intelligence

Inter-agency intelligence sharing

Content Threat Removal provides a unique mechanism for the controlled sharing of highly sensitive intelligence – documents, images and videos – between national agencies, using sophisticated automated logic to determine what can and cannot be shared across domain boundaries. Furthermore, it provides a strong audit of who has shared what.

Information Exchange Gateways (IEGs)

Our Content Threat Removal is the foundation for Deep Secure’s NATO Approved, Information Exchange Gateways (IEGs). IEGs deliver the core services (mail, web, chat, military messaging, network management, file transfer, directory replication, and C2 communication) as a “black box” solution.

Protecting Security Operations Centres (SOCs)

Using a combination of content threat removal and data diodes to guarantee uni-directional data flows, the SOC is able to provide a real-time view of deployed command and information systems, safe in the knowledge that exploits cannot cross between operational and management networks.

Read the discussion paper

Securing military assets

Using Content Threat Removal, operators remotely manage and monitor the sophisticated network of military satellites that provide eyes in the sky, safe in the knowledge that the assets are totally protected from cross-network contamination.

Energy

Combatting attacks via customer portals

Our Content Threat Removal platform de-risks the potential for Internet-facing portals to be used as ingress points for attackers intent on disruption, damage or financial gain. Inbound data and transactional requests can be forced to adhere to tightly defined data schemas while the data itself can be transformed to ensure it is threat-free.

Enabling safe access to production data

Next generation data diodes provide a guaranteed one-way channel for production data flowing from operational networks into management information systems. Timely access enables better decision-making and improves business performance without any risk that a threat can flow back over the diode into the operational network.

Download our paper: Enabling safe access to production data

Securely importing software updates

Un-patched workstations on operational networks represent an unacceptable security risk. Combining Content Threat Removal checks with Next Generation Data Diodes provides a secure route for importing software updates into the operational network while ensuring nothing can flow back out.

Download our paper: Securely importing software updates

Segmenting OT/IT zones

Traditionally, organisations have sought to segment their operational technology (OT) networks and information technology (IT) networks using firewalls. Our Content Threat Removal platform makes it possible to enforce secure zones at an application layer, removing threats from content as well as control data flows with Next Generation Data Diodes.

Download our paper: Segmenting OT/IT Zones

 

Financial Services

M&A clean zones

Our Content Threat Removal platform is designed to allow you to create a guaranteed clean zone in which high value business processes such as M&A can be conducted without fear of compromise. Every ingress and egress point – from mail and web to applications and file transfers is continually monitored and any threat is removed.

Combatting steganography exploitation

Steganography is a technique whereby – using imagery, video or audio – information is hidden in the precise choice of colours or pitch, or the way these values change. Special software is needed to apply it. Routine checks for known malware fail to combat the threat but the Content Threat Removal platform removes the threat using transformation.

Transaction security

Transformation-based Content Threat Removal is particularly effective across structured and organised transaction processes. Here we guarantee 100% transaction security across transaction boundaries such as JSON, and web services.

Document capture

Internet-facing self-service portals allow threats into the organisation because threat actors submit documents containing zero-day exploits concealed into vulnerable file formats such as PDFs. The Content Threat Removal platform uses transformation to ensure exploits in documents simply cannot enter the protected zone.

Monitoring high-speed trading

High-speed trading requires minimal latency during trading. Our platform can be deployed on a tap to monitor activity for behaviour that might indicate criminal intent without adding latency in near-real time using the pass-through audit mode.

Government

Securing Microsoft SharePoint

Government agencies use our Content Threat Removal platform to control who can access protectively marked business information stored in document management systems such as Microsoft SharePoint, comparing the markings against user clearances to determine access.

Preventing data loss via email and web

The Content Threat Removal platform enforces consistent policies across both mail and web protocols to remove the threat of data loss by detecting protectively marked information, citizen data and Personally Identifiable Information (PII) from crossing zone boundaries.

Combatting attacks via citizen portals

The Content Threat Removal platform de-risks the potential for Internet-facing portals to be used as ingress points for attackers intent on disruption, damage or financial gain. Inbound data and transactional requests can be forced to adhere to tightly defined data schemas while the data itself can be transformed to ensure it is threat-free.

Securely importing software updates

Un-patched workstations on high classification networks represent an unacceptable security risk. Combining Content Threat Removal checks with Next Generation Data Diodes provides a secure route for importing software updates into these networks while ensuring nothing can flow back out.

Healthcare

Enabling Windows XP safety

The Microsoft Windows XP operating system and associated un-supported Internet browsers represent a major threat vector. Our Content Threat Removal platform enables healthcare organisations to deploy a “digital moat” around the XP estate, removing content threats from mail, web and file transfers.

Safeguarding patient healthcare records

Our Content Threat Removal platform enforces consistent policies across all ingress and egress points to remove the threat of the loss or theft of patient data and medical records. Detailed auditing and logging provides a provable compliance trail and aids in forensic analysis of attempted breaches.

Guarding medical equipment and sensors

Our Content Threat Removal platform provides a highly versatile toolkit for monitoring and protecting medical equipment and sensors from exploit and remote manipulation. Policy rules dictate the source and destination of a command set, while Next Generation Data Diodes ensure that data flows uni-directionally.

Eliminating the ransomware risk

Zero-day ransomware is software used by an attacker that encrypts your data and so renders it useless. Routine checks for known malware fail to spot ransomware. With our Content Threat Removal platform the ransomware code or scripts simply cannot get into the secure zone because they are discarded during transformation.

Manufacturing

Compliance with Export Controls

Defence supply chain participants need to protect the flow of controlled information and enforce compliance with Export Controls (e.g. ITAR) to avoid significant financial penalties and risk losing supplier status. Our Content Threat Removal platform enforces a “no hide” policy, checking for the presence of controlled information to ensure compliance.

Safely accessing production data

Next Generation Data Diodes provide a guaranteed one-way channel for production data flowing from operational networks into management information systems. Timely access enables better decision-making and improves business performance without any risk that a threat can flow back over the diode into the operational network.

IP protection


Our Content Threat Removal platform enforces consistent policies across all ingress and egress points to remove the threat of the loss or theft of IP. Detailed auditing and logging provides a provable compli
ance trail and aids in forensic analysis of attempted breaches.

Executive protection from Whaling

We throw a protective secure zone around those VIP executives whose roles and access to high value data effectively render them at risk. Inbound threats into this zone are simply removed via transformation while outbound business information is subject to rigorous checking and policy enforcement.

Collaboration with consortia partners and Government

Our Content Threat Removal platform allows secure collaboration amongst consortium partners and Government, without compromising your IP, but still maintains integrity of handling protectively marked data.

Retail

Countering PoS attacks

Attackers use malware delivered into the corporate network to help identify access points into PoS systems. The Content Threat Removal platform counters this by removing the threat of zero-day malware being introduced into corporate systems via mail, web and file transfer.

Combatting attacks via e-commerce storefronts

The Content Threat Removal platform combats attacks via e-commerce storefronts designed to exfiltrate customer data and inflict reputational damage. Data received via storefront applications is tightly constrained to ensure that it matches the permitted data schemas and is transformed to remove potential threats.

Guarding sensors, tags and footfall monitors

Sensors, tags and footfall monitors are secured with Next Generation Data Diodes to ensure they cannot be used as channels for the extraction of high value data from internal systems. The diodes allow data in from sensor endpoints while ensuring nothing can flow out.

Data loss and compliance

The Content Threat Removal platform protects against the inadvertent loss of high value customer data and payment card information via mail, web and file transfer. Consistent policies across all vectors inspect the content for potential breaches and help retailers meet their compliance responsibilities.

Transport and Travel

Sensor protection

The Content Threat Removal platform is used to protect the radiological sensors that routinely screen traffic at UK Border Control points to prevent the illicit import of controlled substances; the Content Threat Removal platform protects these sensors against cyber attack. It uses Next Generation Data Diodes deployed to protect the interconnected ICT systems and ensure a one-way data flow.

Secure messaging between national air traffic control agencies

Air traffic control agencies need to securely exchange information with other national air traffic control bodies, meteorological and military agencies. Our Content Threat Removal platform provides an X400 secure messaging gateway where information can be checked to ensure that data is shared safely and threats are removed from the data flows.

Secure zoning of cabin and passenger services

Content Threat Removal platforms are designed to deliver secure zones, cleanly segmenting cabin and operational networks so that threats are removed and access is constrained. Detailed auditing and logging provides a provable compliance trail and aids in forensic analysis of attempted breaches.

Autonomous vehicle protection

Autonomous vehicles have many sub-systems on board. With more than two networks on a vehicle, information needs to flow in both directions between all pairs of network. The Content Threat Removal platform guards each flow, to ensure that sensitive information does not leak out and attacks do not penetrate essential systems.

Want to go deeper?

If you’d like to find out how simple it is to defeat the unknown, contact the Deep Secure team and get our experts to answer your questions in a little more depth or arrange a demo - please get in touch.