“Total security” for file downloads from the web is being promised through an alliance between Votiro and Zscaler.
Votiro’s Data Detection & Response (DDR) platform has been integrated with the Zscaler Browser Isolation system to “ensure” full cyber protection while maintaining file functionality and quality, the companies claimed.
Business operations depend upon employees’ ability to transfer files and content to and from partners, customers, and suppliers. But hidden and unknown threats are often embedded within innocent looking files, said the partners, and “steganography attacks” are on the rise, whereby malware or a rogue employee may exfiltrate data by hiding the sensitive data within an image file to avoid detection.
To counter this, many traditional solutions restrict employees from opening and engaging with content or accessing necessary web portals and internet applications for file transfers, but this can hinder productivity.
Votiro and Zscaler have partnered to provide organizations with a content security solution for file downloads across browsers, cloud storage, messaging, and content collaboration apps. With the DDR platform and Browser Isolation integrated, enterprises can prevent malware attempts and potential data breaches and data loss using zero trust strategies, while ensuring “seamless” business operations, the pair said.
DDR proactively detects and disarms known, unknown, and hidden file-borne threats in “real-time”, it is promised, to ensure files remain in their native format and safely flow through Zscaler’s Zero Trust Exchange.
“Protecting sensitive data from external threat actors and negligent or malicious insiders is a top priority, but the problem of keeping enterprise data safe gets compounded when threats are embedded within seemingly safe business documents,” said Amit Raikar, vice president of technology alliances and business development at Zscaler.
He said file-borne threats hide as malicious code or macros within standard files that users download from the internet every day. “Together we’ll help more organizations safeguard their data from both web-based and file-borne threats.”
As a result of the integration, customers will be able to reduce resources spent on removing files from quarantine or time spent unlocking files for use, “boosting” overall productivity for IT teams and end users, said the vendors.
The offering performs actions such as automatically blocking weaponized files with misleading file type extensions. The file structure is analyzed for the hidden file objects and the content is checked for any “risky” URLs. Any active content, such as VBA macros, are analyzed and ruled out based on a machine learning-trained algorithm, while preserving the end user experience.
Images are reconstructed as part of the sanitization process, eliminating any hidden code, without compromising the quality. The process is also applied for images embedded in documents and in archive files. QR codes are disarmed as well, further thwarting any steganography attacks.
“Zscaler places as much emphasis on zero trust as we do, allowing us to create a joint solution that is rooted in zero trust security principles,” added Ravi Srinivasan, CEO at Votiro. “By joining forces we are providing an advanced security solution that aligns with how modern business is being conducted, while productivity and resiliency is ensured,” he claimed.
Last year, Rubrik said it was automating sensitive data file detection and classification and working with Zscaler to stop such files being exported outside an organization’s IT boundaries.
