Logo
blank Skip to main content

Get IP and other SMB session parameters in kernel mode file system filter driver!

For more details:

The Apriorit Team was in charge with an advanced cyber security project. Kernel-level driver to work with file system was a part of it. Kernel level gave the green light for a number of advanced features – but it also produces questions about implementation approaches. This time, the task was to improve file activity monitoring feature providing additional information about the user, who accessed a file in a network share; and also organize rule-based network share access.

How to organize kernel-level file system filtering? Internal Windows API research was conducted.

 

Take a look at the Apriorit file system development experience example: File system filter driver development tutorial.

Tell us about your project

Send us a request for proposal! We’ll get back to you with details and estimations.

By clicking Send you give consent to processing your data

Book an Exploratory Call

Do not have any specific task for us in mind but our skills seem interesting?

Get a quick Apriorit intro to better understand our team capabilities.

Book time slot

Contact us