At Nektra we develop custom DLP solutions that can be run as individual components or integrated into third party products. In our comments below we focus on critical capabilities: mobile, BYOD, cloud, operating system coverage, and compliance regulation. We built a feature comparison matrix for data loss prevention products to gain a better understanding of […]
In June, 2015 there was an alarming bit of news when people over at the Debian project realized that Chromium silently downloaded a closed source NaCl binary extension. It was the hotword extension which implements speech recognition techniques. When someone says “OK Google” within range of the microphone, Chrome interprets what follows as a command. […]
Our Data Loss Prevention Development team used Deviare to add watermarks to printed documents by intercepting XPS Print API interfaces. This technique can be applied to all printing jobs on virtual or physical printing devices. Get the code. The requirements are: An operating system with XPS Print API (Windows Vista SP2 with Platform Update or higher) Visual […]
We have good news for those interested in Windows Hooking. Deviare Hooking Engine is now open source and available on GitHub. The license is GPL but a commercial license and support are also available for users who want to distribute closed-source products based on Deviare. Our other open source hooking product, Deviare In-Proc, now supports […]
Deviare 101 Part 1 Welcome to the first installment of Deviare 101. In this article, we’ll explain how to use Deviare’s Reg-Free COM capability to easily deploy applications on end-user machines. This guide uses Visual Studio 2013 but can also be followed on earlier versions. The Manifest File Reg-Free COM requires an XML file called […]
If you look at the last Gartner’s Magic Quadrant for APM and compare it with what is really happening in the market you will notice two things: With the exception of Compuware, the leaders, New Relic and AppDynamics, are all newcomers. All the old established companies are excluded from the leader’s quadrant. Gartner separates APM […]
Our Office plugin development team was researching some problems with Office and they found this problem. Our SpyStudio tool intercepts application system calls and retrieves the called functions by inspecting the call-stack. We were unable to access stack information in the last few 64-bit releases of Microsoft Office products. When we use SpyStudio to intercept an Office […]
A customer asked to develop a solution to prevent data leaks of their databases. Hernan has added a new feature to the code offered in our article SQL Server Interception and SQL Injection Attack Prevention. Now it is possible to cancel queries as well as watch them. The code sample uses the Deviare Interception Engine’s […]
Zero day vulnerabilities put organizations at the mercy of vendors. These vulnerabilities are like a ticking bomb: you do not know when someone will exploit them. Writing your own patch for closed source applications is, in most cases, a complex mission that can take even longer than the vendor solution. When you use legacy software […]
Today Manuel Fernandez is presenting HookME at Black Hat USA Arsenal 2013. HookME is software designed for intercepting communications which uses the Nektra Deviare Engine for binary instrumentation. HookME can intercept unencrypted HTTPS web traffic. Many different proxy servers are used to intercept HTTP traffic. Fiddler is the most popular one for generic purposes. Burp Proxy is the leader for security testing. […]