Glasswall Embedded Engine - Zero-Trust File Protection SDK

Make the safest path the fastest: provably malware-free files without slowing users.

The Glasswall Embedded Engine is a developer SDK that embeds zero-trust CDR directly into your applications, APIs, and gateways. Core modes include Analysis (deep structural reporting), Protect (rebuild/sanitise), and Export/Import (round-trip via XML). The engine outputs rich XML analysis reports, performs reliable file-type identification, enforces content-management policy, and supports Word Search & Redaction for text/metadata. Language bindings (C++, C#, Java, Python, JavaScript, etc) simplify integration in Azure-hosted services and on-prem systems, delivering safe, visually identical files across 85+ file types. Common uses: secure upload portals, mail/file gateways, cross-domain transfers, and custom LOB apps.

Why this matters

• Eliminate unknowns by design. CDR doesn’t “detect & block”; it rebuilds every file to a verified known-good standard, removing the ability for malware to exist.  What is CDR?
• Aligned with leading guidance. Glasswall CDR is consistent with recommendations and patterns from NCSC, NSA, and NIST for safely importing data.  Industry Leading File Protection
• Operational fit for developers. Embed CDR in portals, gateways, and microservices with structured APIs and language bindings.

Capabilities

• Analysis & Protect modes with detailed XML reports (issues, sanitization, remedies).
• Export/Import to XML for deterministic round-trip and external processing.
• Reliable file-type identification (e.g., DetermineFileType & reporting helpers).
• Policy-driven sanitisation/remediation
• DLP (Find & Redact) — regex/homoglyph-aware word search and redaction are part of the platform.
• Steganography mitigation — image stego controls are included.
• Conform: automatically repair PDF files that are unable to be processed due to malformed or corrupt structures

Attributes

• Patented four-step CDR: Inspect -> Clean (policy) -> Rebuild -> Deliver - turns untrusted files into compliant, fully functional outputs.
• Depth of coverage. Coverage across 85+ file types, including cpmplex / nested content.  Supported File Types
• ZS6 level Zero Trust File Security – Glasswall implements ZS-6 level file assurance, the highest tier defined in the Zero-Trust Spectrum (Files), representing deterministic rebuild from a clean intermediary model, no lift& shift and fully specification-compliant, policy-enforced output.
• Offline/air-gapped fit. Designed for disconnected networks and mission systems.

Outcomes by audience

• Partners/SIs: Reduce delivery risk for classified or disconnected programs; automate endpoint and file-transfer hygiene with watch-folder policies and optional DLP.
• Government: Enforce safe cross-domain/edge workflows in air-gapped enclaves; apply CDR plus find-and-redact to prevent sensitive data leakage.
• Regulated industries (FSI, Insurance, etc.): Stop file-borne threats in KYC/onboarding while redacting PII/keywords per policy—fully offline when required.
• Enterprises: Zero-trust file security that users barely notice—but auditors do (with audit trail evidence for policy actions).

Try Glasswall CDR or contact sales@safeware.ai

https://www.wetransact.io/