Jeswin Mathai is the Chief Architect at SquareX. He leads the team responsible for designing and implementing the Infrastructure. Prior to joining SquareX, He was working as the chief architect at INE. He has published his work at DEFCON China, RootCon, Blackhat Arsenal, and Demo Labs (DEFCON). He has also been a co-trainer in-classroom training conducted at Black Hat Asia, HITB, RootCon, and OWASP NZ Day. He has a Bachelor's degree from IIIT Bhubaneswar. He was the team lead at InfoSec Society IIIT Bhubaneswar in association with CDAC and ISEA, which performed security auditing of government portals and conducted awareness workshops for government institutions. His area of interest includes Cloud Security, Container Security, and Web Application Security.
Episode Summary:
In this captivating episode of 'The Philip Wylie Show', host Philip Wylie is joined once again by offensive security aficionado Jeswin Mathai. This talk orbits around the expansive realm of professional hacking, highlighting the persistent curiosity and zealous passion these experts have for overcoming challenges in their line of work. With Jeswin on board, listeners can anticipate an in-depth exploration of Squarex's new and riveting features aimed at staving off online vulnerabilities.
The episode delves into the intricate world of in-browser malicious file detection, a pressing issue in today's digital-heavy climate. Jeswin Mathai meticulously walks listeners through the challenges surrounding the detection of malicious files, expanding upon why conventional antivirus solutions struggle and how attackers exploit naïveté during delivery. Furthermore, he presents a live demonstration of Squarex's monumental browser integration, showcasing its real-time detection capabilities and remediation options, elevating Gmail's native security measures to impressive new heights.
Key Takeaways:
Squarex is revolutionizing online security: The discussion reveals how the product can enhance Gmail security by detecting and alerting users to potential threats before they materialize.
In-browser file analysis: Squarex performs comprehensive checks directly within your browser, maintaining user privacy while offering robust protection against malicious files.
Malicious macros are a key threat vector: Jeswin explains how attackers utilize document macros, often undetected by traditional antivirus software, to compromise user systems.
Real-time alerts and remediation: Squarex provides instantaneous analysis of file attachments, distinguishing malicious intent and providing safer alternatives for download.
Enhanced user-friendly protection: The product is designed for ease of use, offering an intuitive safety net for both tech-savvy individuals and those less accustomed to cybersecurity measures.
Notable Quotes:
"The moment you open it, it's almost instantaneous. And not only is it telling you contains macros, tells you the details."
"This is a macro free version created right there in your browser, in case if you're concerned that something can go wrong."
"Email is like the primary source right now of delivery of malicious payload."
"So we have received the mail. So now as you can notice, this is a macro enabled file, but Gmail didn't say anything."
"It's a full blown file system packaged in just one single file, and how crazy it can be to detect malicious macros."
Resources:
Get your free Chrome plugin: http://sqrx.io/pw_x
https://www.linkedin.com/company/getsquarex/
https://twitter.com/getsquarex
https://www.instagram.com/getsquarex/