GateScanner - Smart made simple
CONTENT DISARM AND RECONSTRUCTION (CDR) TECHNOLOGY
Simple and elegant in concept, Content Disarm and Reconstruction (CDR) also known as ‘file sanitization’, is a breakthrough technology with superior results in the prevention of all file-based attacks, commonly used for Advanced Persistent Threats (APT’s), ransomware, zero-day’s and “traditional” virus attacks.
It efficiently thwarts these attempts by dissecting every incoming file and enforcing a strict ‘known good’ format, rather than attempting to detect the endlessly-evolving list of ‘known bad’.
CDR compliments other anti-malware technologies like sandboxes and detection-based AV’s, but in contrast to them, it is a preemptive approach that does not rely solely on detection and is consequently able to deliver exceptionally high levels of incident prevention.
A good CDR solution will feature both deconstruction and reconstruction capabilities. During the CDR process, a file is broken-down to its most elementary components which are then deeply scrutinized with multiple AV’s and Next-Gen AI tools to be purified from any embedded active code. The file is then rebuilt according to its vendor specifications and reassembled in a way that disrupts any remaining, undetected malicious code. The output is a completely new yet functionally identical, copy of the original file, delivered in near real-time (see ‘Before/After CDR’ samples ).
In addition, high resolution controls enable surgical application of data redaction policies on the outgoing stream for the prevention of data exfiltration and for the implementation of data-loss prevention (DLP) and data-protection policies.
Content Disarm and Reconstruction stages:
We are certain that our CDR technology is practically impregnable. Our clients’ independent penetration tests repeatedly show up to 99.99 % success rates in the obstruction of unknown, embedded file-based threats, and that’s the bottom line – but it’s not the whole story.
Adding a new component to an existing system can be a major challenge, and flexibility is key to a successful implementation. With this in mind, we built GateScanner to be modular, highly configurable and easily scalable. Pick and choose any part of the CDR process you want to implement, select which channels to protect, and chain up to ten GateScanner engines on-the-fly to achieve a virtually unlimited processing capacity.
Challenged to deliver unique solutions for a wide variety of client configurations, we developed an integration engine, enabling the insertion of GateScanner content sanitization at any point along the data flow, before or after any existing security tools, notching-up the entire security profile of the network.
CDR deep-scans of deconstructed files with multi antivirus tools, including Next-Gen AI/ML AV, reaching detection levels of up to 2.5 times the rate of detection for the original composite file scan.
Hundreds of file types supported including the entire suite of MS Office, PDF, media files (images, audio, video), AutoCad, Hanword (HWP), Archives, PST, .EML, installation files, XML, HTML, other text files, medical imaging files (DICOM), and customized files. (See “Before & After CDR” sample files)
GateScanner implements CDR technology to protect email, portable media uploads, cross-network file transfers, safe browser downloads, computing appliances and to enable cross domain solutions with unidirectional gateways.
Sasa Software is privately owned by Kibbutz Sasa, Israel, with the majority of profits channeled back into R&D.