17 August 2023

Turn your employees into cybersecurity experts with GLIMPS Malware Kiosk

Every day, company employees are the target of malicious acts: phishing attempts, an Excel file containing a potentially dangerous macro, a suspicious USB stick. The scenarios are numerous. With the help of generative artificial intelligence, no fewer than 450,000 new pieces of malware are generated every day, according to the AV-Test website. The scale of this figure is already a cause for concern, and it is unfortunately set to increase over the next few years.

To deal with this situation and dispel any doubts, your employees need access to a digital tool designed for the general public that lets them submit suspicious files on their own and receive an analysis result stating whether or not the file is malicious.

It is on this premise, and after a period of research and development, that GLIMPS has developed a new product called GLIMPS Malware Kiosk. The product will be marketed from September 2023.

Turn your employees into additional defense layers

Following in the footsteps of solutions such as VirusTotal, acquired by Google in 2012, GLIMPS Malware Kiosk has been developed as a simple, intuitive interface enabling users to spontaneously submit a file or email using classic drag-and-drop functionality. According to Bruno Leclerc, Sales Director at GLIMPS, “GLIMPS Malware Kiosk has been developed around the concept of ‘User Simplicity Oriented’, in which the design of a tool must be both accessible to users, but with a functional scope sufficiently advanced for them to be autonomous. This is why the GLIMPS Malware Kiosk tool, through a simple action by the employee, gives him/her the means to access relevant indicators which help him/her to interpret and make a decision by him/herself, without the need to call on an IT administrator”.

The three proposed indicators are designed to be useful for everyone. The first indicator shows how dangerous the inspected sample is. This is a very clear verdict, accompanied by a detection report that lets the user know whether it’s safe to open the document or email.

If the file proves to be dangerous, it is accompanied by an indication of the malware family to which it belongs (trojan, ransomware, etc.). As well as displaying the results, the interface allows you to download a report containing all the information provided.

For Cédric Gibert, pre-sales engineer at GLIMPS, spontaneous submission by the user is an additional link in the corporate security chain: “Compared with an EDR solution which acts when the file is executed on the user’s workstation, GLIMPS Malware Kiosk performs an in-depth analysis before the file is opened and potentially detonated. This has the effect of reducing the attack surface while stopping the document’s ability to cause harm.”

GLIMPS Malware Kiosk is also part of the drive to reduce support requests to the IT team. Normally, a ticket would have been opened, but the user, now autonomous, will be able to clear up any doubts directly via the portal. In the event of a proven threat, the solution will display a customizable message explaining the procedure to be followed.

A platform to suit every need

Based on the GLIMPS Malware platform, GLIMPS Malware Kiosk benefits from the power of 20 processing and analysis engines, including some with artificial intelligence. Based on concept-code technology, GLIMPS algorithms examine non-executed files without the need for time-consuming decompilation. Thanks to this strategy, the technology is able to deliver a static analysis in less than 5 seconds.

For e-mails, employees can simply drag & drop files in .eml and .msg formats from their original e-mail. To target phishing attacks, GLIMPS Malware Kiosk integrates a detection engine that investigates suspicious IPs, domain names and URLs. In the case of collaborative environments, commonly used files in .csv, .docx, .xls, .xlsx or .ppt formats are also compatible with the solution.

GLIMPS Malware Kiosk is designed to be agnostic to different programming languages, to facilitate the work of IT teams. As for executable files, whether compiled (C, C++, Golang) or not (Python, Perl, PHP, JavaScript), the algorithms detect whether the file contains functions and behavior similar to those of previously characterized threats. This feature is particularly useful for system administrators, who can have a suspicious file discovered on a server analyzed in a matter of seconds.

For batch processing, the platform accepts .zip archives containing the various elements to be examined. These files may contain confidential, sensitive information. It was therefore essential for GLIMPS Malware Kiosk to be designed as a sovereign solution.

A solution designed for constrained environments

GLIMPS Malware Kiosk has been designed “to be used in confidential environments”, as Florian Le Roux, Key Account Manager at GLIMPS, points out. By being installed in a closed environment, GLIMPS Malware Kiosk works without the need to send data to an external API, or to use it for learning purposes.

To access the solution, users must first be integrated into a corporate user community. Available for both Cloud and On-premise environments, GLIMPS Malware Kiosk integrates with corporate security operations centers (SOCs). In this way, Threat Intelligence will be regularly enhanced by users’ results on the portal.

In conclusion

By making security visual for the general public, GLIMPS Malware Kiosk should establish itself as a solution aimed at boosting employees’ cybersecurity awareness and vigilance.

To find out more about this solution, please contact our experts