Content Disarm & Reconstruction
Content Disarm & Reconstruction (CDR) is a computer security technology for removing malicious code from files. Unlike malware analysis, CDR technology does not determine or detect malware's functionality but removes all file components that are not approved within the system's definitions and policies.[1]
It is used to prevent cyber security threats from entering a corporate network perimeter. Channels that CDR can be used to protect include email and website traffic. Advanced solutions can also provide similar protection on computer endpoints, or cloud email and file sharing services.
Applications
CDR works by processing all incoming files of an enterprise network, deconstructing them, and removing the elements that do not match the file type's standards or set policies.[2] A CDR technology then rebuilds the files into clean versions that can be sent on to end users as intended.
Because CDR removes all potentially malicious code, it can be effective against zero-day vulnerabilities that rely on being an unknown threat that other security technologies would need to patch against to maintain protection.
CDR can be used to prevent cyber threats from a variety of sources:
- Web Browsers
- Endpoints
- File Servers
- FTP
- Cloud email or webmail programs
Commercial availability
CDR or similar file sanitization technology is commercially available from companies including:[3]
- OPSWAT
- Check Point
- Glasswall Solutions
- Mimecast
- ReSec Technologies
- Sasa Software
- Symantec
- Tresys Technology
- Votiro
See also
References
- ^ Santarcangelo, Michael (April 25, 2016). "Why better security prevention that doesn't rely on detection is possible". CSO Online. Retrieved August 16, 2016.
- ^ "Why Today's Phishing Attacks are Harder to Detect and How Proofpoint Can Help" (PDF). Proofpoint. Retrieved August 16, 2016.
- ^ Lawrence Pingree (August 16, 2016). "Information Security Technologies & Markets". MindMeister. Retrieved August 16, 2016.
- ^ "Data Sanitization (Content Disarm & Reconstruction)". OPSWAT. Retrieved October 26, 2016