Malicious Files

Files are the most common attack vector used by threat actors. Security solutions such as secure web gateways rely primarily on threat feeds and URL categorization, which at times are not sufficient to protect an enterprise. Attackers can easily disguise a file's content and serve it from well-known or broadly classified domains, evading content-specific checks and URL-categorization-based checks respectively.

SquareX’s in-browser file analysis engine hooks into every file download and can detect potentially malicious content. Enterprises can also define granular policies for encrypted files, for example requiring the user to provide the decryption password so that the file can be downloaded or viewed only after the in-browser scan has been performed and the file deemed safe. Combining this with available site properties such as domain age, number of redirects, and many more, an enterprise can design a robust policy for blocking file-based threats.

SquareX also incorporates popular threat feeds to block known malicious files.

Block download of files when file scanner verdict is malicious / suspicious

SquareX's in-browser malicious document detection looks through the file structure and source code of macro-enabled Office documents to flag the use of invasive functions, tampering, and AV evasion tactics. Files deemed malicious or suspicious by SquareX's file scanner pose a threat to user systems. Blocking these downloads ensures that potentially harmful files are not executed. Admins can prompt ‘Block download of files when file scanner verdict is malicious / suspicious’ to create this policy. The outcome will be:

Block files containing VBA Macro

Files with embedded code, such as macros, can execute harmful scripts when opened. Blocking these files ensures that any potentially malicious macros are contained and cannot harm the user's system. Admins can leverage the policy generator by prompting ‘Block Files with VBA Macros’ to establish this policy. The expected outcome is:
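Added example, not SquareX's code and not the policy outcome referred to above: a content-based check of the kind a "block files containing VBA macro" rule depends on, which ignores the file name so a renamed or masqueraded document is still caught. The function names, the verdict strings and the sample archives are assumptions made for this illustration, and the OOXML check assumes the default part name `vbaProject.bin`.

```python
import io
import zipfile

OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")    # legacy .doc/.xls/.ppt container
ZIP_MAGIC = b"PK\x03\x04"                          # OOXML (.docx/.xlsm/...) is a ZIP
VBA_STREAM = "_VBA_PROJECT".encode("utf-16-le")    # OLE directory names are UTF-16LE


def macro_verdict(data: bytes) -> str:
    """Classify a download by content only; the file name is never trusted."""
    if data.startswith(ZIP_MAGIC):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                parts = [n.lower() for n in zf.namelist()]
        except zipfile.BadZipFile:
            return "review"                        # ZIP header but unparseable archive
        # OOXML keeps the VBA project in a part named vbaProject.bin by default.
        if any(p.rsplit("/", 1)[-1] == "vbaproject.bin" for p in parts):
            return "block"
        return "allow"
    if data.startswith(OLE2_MAGIC):
        # Heuristic: a raw byte search for the VBA stream name, not a full
        # compound-file directory parse.
        return "block" if VBA_STREAM in data else "allow"
    return "allow"                                 # not an Office container


def build_sample(with_macro: bool) -> bytes:
    """Constructed OOXML-like archive for the demo (not a real document)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"constructed placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    # The verdict is the same whether the bytes arrive as "report.docx" or "report.docm".
    print(macro_verdict(build_sample(with_macro=True)))
    print(macro_verdict(build_sample(with_macro=False)))
    print(macro_verdict(OLE2_MAGIC + b"\x00" * 64 + VBA_STREAM))
```

An archive that starts with a ZIP header but cannot be parsed is returned as "review" rather than "allow", so a deliberately malformed container does not pass as clean.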