Abstract: Generally discussed herein are systems, apparatuses, and methods for secure transfer of content across a security boundary. A system can include a high side domain communicatively coupled to a transfer guard module, the high side domain comprising a high side data repository, a first review module executable by processing circuitry to determine whether a permission level of first content violates a permission level of the high side domain, a second review module executable by the processing circuitry to determine whether second content from the high side data repository includes a permission level that violates a permission level of a low side domain, a first data diode module communicatively coupled between the first review module and the high side data repository, and a second data diode module communicatively coupled between the second review module and the high side data repository.

Abstract: Generally discussed herein are systems, apparatuses, and methods for secure transfer of content across a security boundary. A system can include a high side domain communicatively coupled to a transfer guard module, the high side domain comprising a high side data repository, a first review module executable by processing circuitry to determine whether a permission level of first content violates a permission level of the high side domain, a second review module executable by the processing circuitry to determine whether second content from the high side data repository includes a permission level that violates a permission level of a low side domain, a first data diode module communicatively coupled between the first review module and the high side data repository, and a second data diode module communicatively coupled between the second review module and the high side data repository.

Abstract: According to one embodiment, a computer-implemented method for execution on one or more processors includes receiving a first file and determining a file type of the first file. The method also includes determining, according to a first policy, a plurality of malware detection schemes to apply to the first file based on the determined file type of the first file. In addition, the method includes scheduling the application of the determined plurality of malware detection schemes to the first file amongst a plurality of detection nodes according to a second policy. Further, the method includes determining, in response to determining the results of applying the plurality of malware detection schemes, that the first file is malware or determining that the first file is suspected malware according to a third policy.

Abstract: According to one embodiment, a computer-implemented method for execution on one or more processors includes receiving a first file and determining a file type of the first file. The method also includes determining, according to a first policy, a plurality of malware detection schemes to apply to the first file based on the determined file type of the first file. In addition, the method includes scheduling the application of the determined plurality of malware detection schemes to the first file amongst a plurality of detection nodes according to a second policy. Further, the method includes determining, in response to determining the results of applying the plurality of malware detection schemes, that the first file is malware or determining that the first file is suspected malware according to a third policy.