At Nektra we develop custom DLP solutions that can be run as individual components or integrated into third party products. In our comments below we focus on critical capabilities: mobile, BYOD, cloud, operating system coverage, and compliance regulation. We built a feature comparison matrix for data loss prevention products to gain a better understanding of […]
Below, we compare different ways of intercepting network packets, and of filtering and analyzing their content to see if kernel drivers which use NDIS and WFP frameworks perform better than WinPcap. We tested the performance of each method. See table. Testing We measured network bandwidth after applying a basic filter which: Intercepts all packets Verifies […]
Our Data Loss Prevention Development team used Deviare to add watermarks to printed documents by intercepting XPS Print API interfaces. This technique can be applied to all printing jobs on virtual or physical printing devices. Get the code. The requirements are: An operating system with XPS Print API (Windows Vista SP2 with Platform Update or higher) Visual […]
RemoteBridge is now open source and available on GitHub as are Deviare Hooking Engine and Deviare-InProc. RemoteBridge allows you to access the COM and Java objects instanced in a process as if they were your own object instances. You can access their methods, properties and events from your own application. It is implemented as a COM […]
SpyStudio is now free and available for download here. It is a Swiss Army knife for cyber security analysts, DevOps, QA engineers, and developers. You can take a look at the articles “Nektra and VMware are Collaborating to Simplify Application Virtualization Packaging” and “How Nektra Improved Desktop Virtualization for Symantec Corporation” to see how big […]
We have good news for those interested in Windows Hooking. Deviare Hooking Engine is now open source and available on GitHub. The license is GPL but a commercial license and support are also available for users who want to distribute closed-source products based on Deviare. Our other open source hooking product, Deviare In-Proc, now supports […]
If you look at the last Gartner’s Magic Quadrant for APM and compare it with what is really happening in the market you will notice two things: With the exception of Compuware, the leaders, New Relic and AppDynamics, are all newcomers. All the old established companies are excluded from the leader’s quadrant. Gartner separates APM […]
A customer asked to develop a solution to prevent data leaks of their databases. Hernan has added a new feature to the code offered in our article SQL Server Interception and SQL Injection Attack Prevention. Now it is possible to cancel queries as well as watch them. The code sample uses the Deviare Interception Engine’s […]
Today Manuel Fernandez is presenting HookME at Black Hat USA Arsenal 2013. HookME is software designed for intercepting communications which uses the Nektra Deviare Engine for binary instrumentation. HookME can intercept unencrypted HTTPS web traffic. Many different proxy servers are used to intercept HTTP traffic. Fiddler is the most popular one for generic purposes. Burp Proxy is the leader for security testing. […]
More Binary Instrumentation Alternatives Deviare now has custom hooks to improve hooking performance. With custom hooks, two “OnFunctionCall” events are triggered: one in the SpyMgr process, and the other within the agent. The custom hook can send data, or custom parameters. to the SpyMgr process. The custom Deviare modules running in the agent have access […]