News

Aug 06, 2023

Securing Files Everywhere: Votiro’s Approach to Zero Trust Content Security

Home » Security Bloggers Network » Securing Files Everywhere: Votiro’s Approach to Zero Trust Content Security TAG Cyber Interviews Votiro CEO Recently, Votiro CEO Ravi Srinivasan, sat down with TAG

Home » Security Bloggers Network » Securing Files Everywhere: Votiro’s Approach to Zero Trust Content Security

TAG Cyber Interviews Votiro CEO

Recently, Votiro CEO Ravi Srinivasan, sat down with TAG Cyber’s Ed Amoroso to discuss Votiro’s approach to Zero Trust Content Security. The interview covers how Votiro got its start, gives a peek into the future, and explores how Votiro has sanitized more than 7 billion files in its mission to protect customer data and content. Watch the video below, and read on for the highlights:

Votiro is a Zero Trust Content Security company with a focus on helping organizations disarm and deliver safe files wherever the users or applications are interacting with the files. The way Votiro got started is an interesting story. The founder, Aviv Grafi, was part of an elite intelligence unit of the IDF, and then worked as a pentester that would fly around the world poking holes in every customer’s network. He realized that when he sent a file named “Resume” to the HR team, a file named “Datasheets” to the marketing team, or a file named “Terms and Conditions” to the legal team, in 100% of the cases, they would open the file. It was a proven way to start the kill chain. He realized that enterprises had a critical need for content security.

“When I heard about Votiro from the Chairman, I really liked the technology and the way they’ve implemented the capability. I recognized the potential. For me, it was a great opportunity to be a first-time CEO.”

– Ravi Srinivasan

70% of malware found in files are of unknown variant, yet users are clicking on them to get access to those files. Bad actors have long realized what Votiro’s founder uncovered: malware is an efficient way to get in and start a malicious process. Votiro looks at the problem from the user’s perspective.

The user needs a consumable file – it must maintain its full functionality. So delivering a safe file with full functionality became Votiro’s mission. Instead of looking for malware, Votiro’s technology focused on delivering safe files using known file formats and leaving behind the unknown bits. These unknown bits are then analyzed so organizations can learn if their files contained a Zero Day attack, or ransomware, or a new variant of a malware not previously seen anywhere. Currently, Votiro supports about 180 different file formats.

“Brand new variants of a new malware, ransomware attacks, zero day attacks… these are all evasive objects and executables that are hidden in files that you and I get. When we open the file to do our work, little do we know that the underlying metadata had an object that just detonated on my endpoint and caused harm downstream.”

– Ravi Srinivasan

As organizations embrace digital transformation, they understand the heightened need for file security. Think about insurance companies that are digitizing their claims processing. The old way of faxing a file is out; now files are emailed directly. Asking their claims processors not to open the files is not realistic; they won’t be productive. So how can you enable employees to safely open claims files not knowing where those files are coming from? That’s where Votiro’s Zero Trust model comes in. Votiro’s technology does not trust the files uploaded into the claims processing system, or the files uploaded into a mortgage processing system, or the file’s uploaded to a law firm’s case discovery system. Instead, Votiro cleanses every file so a user can open them safely.

Content Disarm and Reconstruction (CDR) capabilities have evolved over the last seven or eight years. Early on, CDR simply converted every file into an image. It was safe, but entirely unusable. In present day, Votiro applies artificial intelligence and machine learning so that the technology can preserve usable components, macros, and functionality and yet deliver safe files without fear of embedded malicious objects and executables.

Votiro has processed well over seven billion files to date. That adds up to a huge data lake of macros that companies use regularly in their modeling and in their Excel spreadsheets. Votiro has used that data to teach its machine-learning algorithms how to look for macros that are benign and deliver those as safe files. Votiro uses similar technology for images as there is now rampant use of images to hide malware, a technique called steganography. For example, during the World Cup, there were lots of malicious images being sent from Qatar with the latest from the stadium. Votiro ensures that those image files are safe.

“Machine learning is the heart of how we address macros today.”

– Ravi Srinivasan

Four or five years ago, email was Votiro’s predominant use case: ensuring that employees could safely download attachments like zip files or password-protected files. In the last 12 to 18 months, there has been an increase in hybrid working, which requires digital interactions and collaboration with other users. This has resulted in an explosion in use cases for Votiro’s technology. For example, file uploads. Organizations set up data repositories that are quickly populated with millions of files. How do they know those files are safe? Organizations are also increasingly sharing content using data-rich platforms and collaboration tools like Box and Dropbox. How do they know they can safely download files from these public sharing sites? As an even more recent example, organizations are setting up public cloud lakes like Amazon, with developers continuously adding files to these data lakes. How does the organization ensure these files do not violate privacy issues – for example, do uploaded digital certificates contain personally identifiable information (PII)?

“Think of Votiro as the water treatment plant cleansing all the water that goes into a data lake.”

– Ravi Srinivasan

The traditional mindset of security teams deploying defense-in-depth has been to simply block the file and wait for the user to ask for the file to be released. But in today’s fast-paced world and abundance of digital services, users are not waiting for IT to release the file. They will look for faster ways to get it.

This requires a mindset change about defense-in-depth: delivering services closest to where the users and applications reside, where the content resides. It’s an opportunity for service providers to deliver Security-as-a-Service close to where the data sits. Votiro helps organizations and users receive safe files where they are through the application of API-based services.

As its technology resides in close proximity to the users, Votiro must deliver files in milliseconds. To be part of the application’s workflow, the technology itself is delivered as an API-based service that customers can adopt in a flexible deployment model. They can either adopt the technology as a cloud-based service or use it as a Virtual Appliance running closest to where the data is stored.

“We have organizations that deploy a large Snowflake data management platform. They adopt our API- based service to cleanse their files in real-time, then drop them into the data management platform.”

– Ravi Srinivasan

The current marketplace is full of detection and response capabilities. There are plenty of endpoint, network, and cloud detection and response solutions out there. Votiro’s mission is to add value to these detection solutions because of the rich amount of file analytics to draw from, while many other solutions do not.

Votiro is continuously taking a broader look at content security in order to help organizations look at content from the perspective of analytics, from the perspective of detection, and from the perspective of PII, and so on.

“If you rewind any kill-chain, you will find that it almost always originally began with a weaponized file that someone inadvertently opened.”

– Ravi Srinivasan

If this TAG Cyber interview piqued your interest and you’d like to learn more about Votiro, we have plenty of resources for you to check out. And if you’re looking to try Votiro for your organization, you can request a free 30-day trial and get started in no time.

*** This is a Security Bloggers Network syndicated blog from Votiro authored by Votiro. Read the original post at: https://votiro.com/blog/securing-files-everywhere-votiros-approach-to-zero-trust-content-security/