These are some examples of our work. If you would like more details or to know the customer's identity please contact us.
Data Loss Prevention Solution
A Data Loss Prevention software vendor wanted to develop a File System Filter to scan files when they are changed, and classify them according to their content. In addition to this, they requested multiple addons for Office, Office 365 and Shell, to change file classifications and show a warning if the user attaches a file tagged as confidential or important.
Solution: We developed a File System Filter Driver which tracks all file system changes and reports them to the user mode component and to all the addons. We continue to support and improve this product, adding new features and correcting reported issues.
Data Leak Prevention: Extending a pre-existing undocumented product
Wise Data Protection had a product which identified files with sensitive content based on rules set on a server. These files were encrypted and could be accessed by authorized users. They needed to fix some issues and add some features which required intercepting some APIs and COM objects. The product was being used by customers and the vendor didn't have any technical staff or documentation. The server was written in Java, the driver and service in C++, and the addons in C#.
Solution: We took over the project. After studying the product for a couple of weeks, we fixed some issues in the kernel mode driver and the scanner service. Then, we added user mode interception to keep users from using the printer, print screen and clipboard while a sensitive file was open.
Time Change
A customer wanted to change the time for certain applications to test how they would run on certain dates. This feature is very useful for critical financial applications.
Solution: We wrote a device driver which notifies a service of new process. This service injects some user mode hook code to intercept time functions.
VHD Mount in an Arbitrary Path
A virtualization vendor wanted to mount VMware VHD and VHDX virtual hard drives cointaining application definition layers from a network share when the user logs in.
Solution: We developed a device driver to mount the VHD / VHDX but the complex part of the project was to find the correct place to mount it. We had to mount it after the user logs in, and before the user processes were executed since these processes access the drives. We wrote a service which injects code in Winlogon to intercept system functions that are executed when users log in and then mounts the drives.
Java App interception and interaction
Our customer wanted to use a specific Java version for some URLs and automate some tasks in other Java apps.
Solution: Our team worked closely with their technical staff. We added user mode interception to simplify Java redirection and improve user experience (e.g.: single-sign-on). We also added some menu items and some features to the Java application.
Virtualize Internet Explorer and Office
Symantec EUC wanted to virtualize all Internet Explorer versions to allow users to use them side by side in the same machine or VM. They also needed virtual packages for Office and third-level support for their customers.
Solution: We began by virtualizing Internet Explorer 6 within their product Symantec Workspace Virtualization. Our work was showcased at the Vision Conference. Then we created the application package for Office. The implementation of these packages required a deep knowledge of their product and of MS products. We built these packages and provided direct support to their customers for 4 years.
Keyboard Interception
Our customer wanted to control system shortcuts to prevent users from using clipboard, print screen, some F key commands, task switching and some other system commands.
Solution: We wrote a device driver which controlled keystrokes and was configured via an xml file.