About Embedded Engine
    • PDF

    About Embedded Engine

    • PDF
    • New

    Article Summary

    The Glasswall Embedded Engine is a software development kit that allows organizations to integrate the power of Glasswall CDR into their applications. It provides functionality such as file validation, cleansing, and reconstruction, as well as the ability to generate XML reports for deep analysis of files. The engine also manages files based on a configurable content management policy and offers reliable file type identification. Additionally, it enables search and redaction of text in MS Office files and supports the creation and manipulation of a document object model for supported file types. The engine operates in different modes: Analysis Mode generates XML reports, Protect Mode regenerates files with valid content items, Export Mode breaks down files into structural components, and Import Mode reconstructs files from exported formats. Content management rules can be configured and applied in both Export and Import modes.

    The Glasswall Embedded Engine allows organizations to embed the power of Glasswall CDR, via a software development kit (SDK) which includes an API, with new and existing application deployments. Once integrated, any files the engine encounters are processed in accordance with user-configurable security preferences that allow security teams to shape their security policy to match their organization's risk appetite.

    Broadly, the API provides the following functionality:

    • The validation, cleansing (sanitisation and remediation) and reconstruction of files.
    • The production of XML reports detailing deep analysis of files.
    • The management of files against a configurable content management policy.
    • Reliable file type identification.
    • The ability to perform search and redaction of text in MS Office file types.
    • The creation and manipulation of a document object model (DOM) for supported file types.

    Use Cases

    • Embedded component within network appliances and data guards
    • Critical element of a Cross Domain Solution (CDS)
    • Software Bill of Materials (SBOM) audit and protection process
    • Zero-trust solution to assess files traversing trust boundaries

    Engine Operation Modes

    Analysis

    In Analysis Mode, the input file is decomposed and an XML report is generated for each file. The analysis report contains 'Content' Items (structures found in the file), 'Issue' Items (structures that do not match the specification), 'Sanitisation' Items (items that would be taken out as per the content management policy) and 'Remedy' Items' (structures automatically corrected back to specification).

    Protect

    In Protect Mode, the input file is decomposed as per Analysis Mode but the file is then regenerated using valid Content Items and remediated Content Items. As part of this process, the Content Management rules are applied so that certain 'Sanitisation' Items are removed (e.g., macros) from the regenerated file, so only known good items are present in the new file.

    Export

    In Export Mode, the input file is broken down to its structural components and an internal DOM (Document Object Model) tree is created. The DOM tree is validated and cleaned before serialising and writing out as one of two configurable intermediate file formats (XML or SISL). The exported content can be further processed and modified externally prior to importing.

    Import

    In Import Mode, the input is the exported SISL or XML files (with or without external modification). The XML or SISL files are deserialised, reconstructing the internal DOM tree, which is validated, cleaned and used to regenerate a clean and compliant file.

    Content Management rules can be configured and applied in both Export and Import modes.

    Learn more


    Was this article helpful?