This Israeli cyber security company wants to burn out viruses hidden away in sent files
Re-Sec Technologies announced on Tuesday that they succeeded in closing their Series A funding round, bringing in $5 million in new financing. The round was led by PICO Venture Partners and Founders Group.
Based outside the hi-tech hub of Tel Aviv in Pardes Hana, Re-Sec was co-founded in 2012 by CEO Dotan Bar Noy and VP of R&D Oren Shnitzer. Their service is available for both on premise implementation as well as on the cloud.
A perimeter security solution, Rec-Sec has honed in on the threat posed by the sending of documents through email as a method of delivery for attackers who can add harmful code to an otherwise benign looking file. Along with their other security options like their proprietary sandbox, the startup has found a way to replicate files sent to their clients, and pass on an identical version that they guarantee is clean of viruses.
This solution can be used for safely receiving images, Microsoft Office files, and others. When a file is received at the Re-Sec perimeter, Shnitzer explains to Geektime that they do not simply copy the contents of the file and paste them onto a fresh document, but also build an entirely new one from scratch while retaining all of the elements. This includes the accurate location of cells on an Excel file or tracked changes in a Word document.
A bold initiative to security: Pros and Cons
Re-Sec’s service looks to provide a better approach to dealing with security, revamping the way protections have been put in place up to this point. One of the widely used methods of identifying potentially harmful files has been through signature analysis, wherein the system looks for known viruses based on updates from the anti-virus team after they have identified new threats. While this method can be effective for dealing with known threats, it is of little solace to those hit with a zero day attack.
Shnitzer says that the common security practice of sandboxing files is also an imperfect solution for guarding against viruses since most attackers are able to program their payloads to remain closed while under inspection.
Re-Sec’s solution, while innovative, is not without some lingering issues. Shnitzer says that they are unable to protect against executable files but says that this is a problem for which nobody in the field has been able to offer a viable solution, leaving it an open ended conundrum.
There are a few other limitations including the inability to copy macros for Excel files. A bigger problem is that files that they are unable to properly recreate are blocked. This can be a problem for companies that can be hurt by missing out on some of their important documents.
The work around that Re-Sec has found is to essentially whitelist certain kinds of files and people that can receive the untouched document. For example the billing department can open Excel docs from known clients, etc. While this addresses the specific issue, using a certain level of context to maintain the flow of business continuity, in a sense it defeats the achievements of setting up a sterile perimeter. That said, it should reduce the overall pool of threats, stemming the flow of potentially dangerous files that pour into an organization into a trickle of still risky documents.
Looking towards the future
The company says that their on-premise solution already supports cloud-based applications such as Microsoft Office 365 and file sharing services, and that they intend on offering a SaaS solution for smaller businesses. New products are planned to be released later in the year.
Up to this point, the company’s customer base has been centered in Israel. Following the closing of this round, Re-Sec plans to expand their global operations, opening up new opportunities in the U.S. market as well as Europe and Asia. They plan on growing their New York office with increased capacity for sales and marketing. Concurrently, they will utilize the funds to keep improving their stable of products.
Re-Sec will join other security companies next week with an exhibit at the RSA Conference in San Francisco. They will be situated in the South Hall at Stand No. 333.
Since the first worms began infecting networks throughout the Internet, basic hacking methods like sending malicious code buried in Word docs have been a fan favorite for attackers. Most people should know better at this point than to open up suspicious documents, understanding that if a stranger sends you something, you might be better off avoiding it all together.
Unfortunately, this is not always an option for businesses that have to keep open their lines of communication, running a higher risk of infection. Add on top of this that most people are still not as security conscious as they should be, clicking on files without thinking twice, and the entire environment is put at peril.
Re-Sec still has a number of holes to figure out when it comes to making sure that their users do not miss out on important documents while maintaining their level of security.
While many others in the security field have moved away from the idea of building hard exteriors in favor of better internal detection methods, they are bringing original thought to the concept of perimeter security, which is refreshing. At the end of the day, the job of protecting networks really does take all sorts, with no silver bullet solutions.
With their innovative approach to protection from malicious files, Re-Sec should be a strong part of any enterprise security package.
Featured image credit: rzoze19 / Shutterstock