Dr. Aqib Rashid
๐ค SpeakerAppearances Over Time
Podcast Appearances
And sometimes you're dealing with so many files that you can't necessarily siphon them off and do this kind of analysis on them.
But this is where CDR or Content Disarmament Reconstruction comes into play.
And this is something that Glassfall has pioneered over the last couple of decades.
So this is where you take your file, you break it down into its constituent components.
Firstly, you read the file of any kind of malware that might exist there.
You then try to bring that file back to the manufacturer's original specification because we've developed an understanding of what a legitimate file should look like.
So you decompose it completely, you validate the file, and then what you deliver to the user is a clean, pristine file, which is completely free from any kind of malware.
It conforms to the specification of PDF or of Microsoft Office or images or whatever.
And it's a deterministic guarantee that the file is safe to use regardless of where it came from.
and this all follows that zero trust principle of philosophy which is that you don't trust any kind of files or anything that you interact with you simply clean it cleanse it reconstruct it and give it back to the user such that they shouldn't actually notice a difference
I joined the company in September of 2023.
I think I should probably preface this with my background, which is in the security of machine learning and the application of machine learning and AI to cybersecurity.
So I was completing a PhD, 23, on the topic of securing machine learning-based malware detection and malware prediction models.
So what that means is using AI to detect malware.
And what Glassfall was looking to explore at that time was building capability to detect malware from files, because it's all well and good being able to cleanse the file and being able to provide that guarantee that the file is now completely safe.
But it doesn't give you that insight as to whether the original file was malicious.
And for some organizations or users, that might be quite useful.
It might be necessary, actually, for certain types of enterprise customers as well.
So that's where I joined the company and we started working on a product that would allow you to pass in a file to a machine learning model and the output would effectively be the likelihood of that file containing malware.
So effectively you're operating on