Deep Content Inspection

WE MAKE SURE THAT YOU DO.

Malicious and hidden content in your files and streaming data can threaten your mission and national security. Deep content inspection is the only way to identify, filter, and sanitize complex file types to thwart targeted attacks and stop data exfiltration. Antivirus protection should be your first line of defense (and is included in most Tresys products); however, it is simply not sufficient to protect your network from novel, targeted threats and prevent data disclosure using hidden content. Tresys’ deep content inspection and filtering products and services are focused on finding and removing obscured information, removing active code, and scanning and removing metadata.

Tresys’ products and services are the result of years of working closely with Department of Defense, Intelligence, and critical infrastructure customers to develop solutions that meet high-security, mission-critical requirements. Coupled with our file sanitization and Cross Domain Solution (CDS) expertise, Tresys experts deliver solutions that prevent the transfer of zero-day exploits and malware while ensuring efficient and rapid transfer of essential data.

Examples of the deep content inspection performed by Tresys products include:

• File type identification and filtering – Control the kind of files that flow into and out of your organization, including detection of files with incorrect extensions, hiding files inside of archives and documents, and malicious content masquerading as common file types.
• File format verification – Verify the low-level structure of documents to stop attacks that use malformed documents to exploit unknown vulnerabilities. This technique alone has successfully thwarted a broad range of zero-day exploits.
• Active content removal – Remove executable files and active content – such as JavaScript and Visual Basic for Applications – inside of common office document formats.
• Meta-data removal – Remove document properties, change tracking, fast-save data, and other information responsible for intentional and unintentional data disclosures.
• Hidden content exposure – Cleanse white-on-white text, steganographically embedded data, obscured objects, and other hidden data used to evade review processes before releasing documents.
• Dirty word searching – Verify that documents do not contain a list of administrator-configurable words.
• Device cleansing – Prevent data from hiding within the low-level structure of USB thumb drives and other removable media, including removal of U3 drive CD-ROM partitions.

XD Air is a removable media inspection and sanitization product that:

• Protects against attacks via removable media including USB thumb drives, CDs, and DVDs
• Provides advanced deep content inspection for the best protection available against zero-day vulnerabilities
• Enforces organizational policies around acceptable file types, removable media usage, and data exfiltration using dirty word scanning
• Can be used as part of a manual, air gap cross domain data transfer process, including transfers to stand-alone embedded systems and networks

XD Mail is a content filtering and cleansing device that:

• Inspects, cleans, and filters content transmitted via email—including attachments from simple to complex—as well as data in the email and attachments
• Permits only known good email content to traverse the domain boundary
• Prevents information leaks that use email as a means to exfiltrate data from a network through complex clean/dirty word filters