en.Wedoany.com Reported - Insecuurity (CEO Kim Jong-kwang), a specialized digital forensics, malicious code analysis, and incident response company, jointly hosted a "Zero Trust-Based File Security Seminar" with global cybersecurity company OPSWAT on the 23rd at its headquarters in Doksan-dong, Seoul, introducing the latest file security technologies and implementation cases. The event attracted numerous security practitioners from enterprises and public institutions, including Chief Information Security Officers (CISOs), security heads, and Security Operations Center (SOC) operators, to discuss preventive security strategies and practical application plans for countering rapidly evolving file-based cyberattacks driven by the proliferation of Artificial Intelligence (AI).

Insecuurity stated that with recent AI technologies being used for malicious code creation and attack automation, the time gap between vulnerability disclosure and actual attack occurrence has significantly shortened. Phishing and social engineering attacks leveraging generative AI are also becoming increasingly precise, making traditional detection-then-response approaches insufficient. A security system that blocks attacks before they reach the internal environment has become more critical. The seminar introduced security principles based on the National Institute of Standards and Technology (NIST) "SP 800-207 Zero Trust Architecture" and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) "Zero Trust Maturity Model," which do not inherently trust files or endpoints. The presentation outlined a latest file security architecture that treats files entering through various channels—such as email attachments, web downloads, file sharing platforms, and removable storage devices like USBs—as potential risk factors, ensuring security through a multi-stage verification process. Amid the increasing prevalence of zero-day vulnerabilities and supply chain attacks, a zero trust-based file security system is needed to address not only known malicious code but also novel threats undetectable by existing security solutions.

OPSWAT's integrated platform, "MetaDefender," is a preventive file security platform that performs detection, sanitization, analysis, and policy-based control from the moment files enter an organization. The platform integrates multi-engine antivirus scanning, Content Disarm and Reconstruction (CDR), AI-based sandbox analysis, File Vulnerability Analysis (FBVA), Data Loss Prevention (DLP), removable media security, and Managed File Transfer (MFT). By verifying files from various sources—including email, web downloads, file sharing systems, and USB storage media—through a multi-layered approach, the platform can proactively identify and block known malicious code, novel malware, and even zero-day attacks. It is applicable to critical infrastructure environments such as manufacturing, energy, defense, and public sectors. The event also featured a live demonstration of the MetaDefender product series, where participants observed the process of files entering an organization being securely delivered after detection, sanitization, and analysis in a simulated real-world environment.

The first demonstration introduced multi-engine antivirus scanning technology using "MetaDefender Core," showcasing how it simultaneously utilizes over 30 global antivirus engines to improve detection accuracy and reduce detection discrepancies between individual engines, unlike traditional single-engine antivirus approaches. It also demonstrated the file vulnerability analysis function that identifies known vulnerabilities (CVEs) within files. Subsequently, the "MetaDefender Deep CDR" segment presented Content Disarm and Reconstruction (CDR) technology, which removes elements from documents that could be used for malicious activities—such as macros, hyperlinks, OLE objects, hidden worksheets, and attachment content—before reconstructing only safe files. This technology supports over 150 file formats, including HWP and HWPX, and was emphasized as a preventive technique capable of eliminating novel threats that are difficult to detect with traditional signature-based methods. Additionally, the seminar covered a solution for blocking USB-based malicious code using the removable storage device security solution "MetaDefender Kiosk," and a secure file transfer architecture using "MetaDefender Managed File Transfer" to reduce security risks during file exchange between partners and internal organizations while enhancing visibility and audit capabilities for file movement history.

Finally, the AI-based threat analysis platform "MetaDefender Aether" was introduced. This platform combines predictive AI, adaptive sandboxing, and threat intelligence to analyze zero-day attacks and Advanced Persistent Threats (APTs) that are difficult for traditional security devices to detect. The demonstration showcased the process of using CPU-level emulation technology to bypass sandbox evasion techniques and analyze the actual behavior of malicious code. The seminar also covered file vulnerability analysis and AI-based data loss prevention technologies, as well as an integrated file security architecture linking email security, removable media security, secure file transfer, and Network Detection and Response (NDR). Case studies on building integrated IT/OT security for critical infrastructure sectors such as manufacturing, energy, defense, and public institutions were also shared.

Insecuurity stated that the role of file security has evolved beyond simply detecting malicious code to encompass data protection, regulatory compliance, and the protection of national critical infrastructure. To this end, building a preventive security system that performs verification, sanitization, analysis, and policy-based control at the initial stage of file entry is crucial. CEO Kim Jong-kwang stated that with the advancement of AI, attackers can create more precise malicious files faster, and files remain a core penetration vector for ransomware and supply chain attacks. It is essential to build a preventive security system integrating multi-engine antivirus, CDR, AI-based sandboxing, and data protection technologies under the zero trust principle of not inherently trusting files. He added that the company will continue to expand various technical support and education/training programs to help domestic enterprises and public institutions effectively respond to file-based threats.

This article is compiled by Wedoany. All AI citations must indicate the source as "Wedoany". If there is any infringement or other issues, please notify us promptly, and we will modify or delete it accordingly. Email: news@wedoany.com