Comparing Data Loss Prevention Products

At Nektra we develop custom DLP solutions that can be run as individual components or integrated into third party products. In our comments below we focus on critical capabilities: mobile, BYOD, cloud, operating system coverage, and compliance regulation. We built a feature comparison matrix for data loss prevention products to gain a better understanding of […]

Watermark Printed Documents in Windows

Our Data Loss Prevention Development team used Deviare to add watermarks to printed documents by intercepting XPS Print API interfaces. This technique can be applied to all printing jobs on virtual or physical printing devices. Get the code. The requirements are: An operating system with XPS Print API (Windows Vista SP2 with Platform Update or higher) Visual […]

Abort Microsoft SQL Server Dangerous Queries

A customer asked to develop a solution to prevent data leaks of their databases. Hernan has added a new feature to the code offered in our article SQL Server Interception and SQL Injection Attack Prevention. Now it is possible to cancel queries as well as watch them. The code sample uses the Deviare Interception Engine’s […]

Capturing Unencrypted HTTPS Requests and Responses (As Seen at BlackHat Arsenal)

Today Manuel Fernandez is presenting HookME at Black Hat USA Arsenal 2013. HookME is software designed for intercepting communications which uses the Nektra Deviare Engine for binary instrumentation. HookME can intercept unencrypted HTTPS web traffic. Many different proxy servers are used to intercept HTTP traffic. Fiddler is the most popular one for generic purposes. Burp Proxy is the leader for security testing. […]

Improving Deviare Hooking Performance with Custom Hooks

More Binary Instrumentation Alternatives Deviare now has custom hooks to improve hooking performance. With custom hooks, two “OnFunctionCall” events are triggered: one in the SpyMgr process, and the other within the agent. The custom hook can send data, or custom parameters. to the SpyMgr process. The custom Deviare modules running in the agent have access […]