Data Loss Prevention - Expanded File Type Controls for Executables and Disk Images
9mo ago
Source
CloudflareData Loss Prevention - Expanded File Type Controls for Executables and Disk Imagescloudflare.comYou can now enhance your security posture by blocking additional application installer and disk image file types with Cloudflare Gateway. Preventing the download of unauthorized software packages is a critical step in securing endpoints from malware and unwanted applications. We have expanded Gateway's file type controls to include: Apple Disk Image (dmg) Microsoft Software Installer (msix, appx) Apple Software Package (pkg) You can find these new options within the Upload File Types and Download File Types selectors when creating or editing an HTTP policy. The file types are categorized as follows: System : Apple Disk Image (dmg) Executable : Microsoft Software Installer (msix) , Microsoft Software Installer (appx) , Apple Software Package (pkg) To ensure these file types are blocked effectively, please note the following behaviors: DMG: Due to their file structure, DMG files are blocked at the very end of the transfer. A user's download may appear to progress but will fail at the last moment, preventing the browser from saving the file. MSIX: To comprehensively block Microsoft Software Installers, you should also include the file type Unscannable . MSIX files larger than 100 MB are identified as Unscannable ZIP files during inspection. To get started, go to your HTTP policies in Zero Trust. For a full list of file types, refer to supported file types .
You might also wanna read
Layered file upload security in .NET: Extension allowlisting, size limits, and magic number validation
A practical guide to implementing layered file upload security in .NET applications. The article covers three essential validation layers: e
dev.to·28d agoPackage Manager Lockfiles as Software Bill of Materials (SBOMs)
The article argues that package manager lockfiles (like Gemfile.lock, package-lock.json, etc.) are essentially Software Bill of Materials (S
nesbitt.io·6mo ago
Adobe Software Secretly Modifies System Hosts File to Block Activation Server Access
Adobe software has been found to secretly modify the Windows/Mac hosts file to block access to its own activation servers, preventing users
How Windows handles unassociated file types across versions
A blog post examining how different versions of Windows handle clicking on unassociated file types (files without a default program). The au
movq.de·13d ago
The Hidden Complexity of Opening Files Across Security Boundaries
This article explores the complexity of opening files across security boundaries in software development. It contrasts the simple case for a
Show HN: VSCan - Detect Malicious VSCode Extensions
vscan.dev·1y ago

Comments
Sign in to join the conversation.
No comments yet. Be the first.