Smart made simple

CONTENT DISARM AND RECONSTRUCTION (CDR) TECHNOLOGY

Simple and elegant in concept, Content Disarm and Reconstruction (CDR) also known as ‘file sanitization’,  is a breakthrough technology with superior results in the prevention of all file-based attacks, commonly used for Advanced Persistent Threats (APT’s), ransomware, zero-day’s and “traditional” virus attacks. 
It efficiently thwarts these attempts by dissecting every incoming file and enforcing a strict “known good” format, rather than attempting to detect embedded  malicious code by referencing the endlessly-evolving list of “known bad”. 
CDR compliments other anti-malware technologies like sandboxes and detection-based AV’s, but in contrast to them, it is a preemptive approach that does not rely solely on detection, and is consequently able to deliver exceptional levels of incident prevention.

A good CDR solution will feature both detection and disarm/reconstruction capabilities. During the CDR process, a file is broken-down to its most elementary components which are deeply scrutinized with multiple AV’s and cleansed from any embedded active code. The file is then rebuilt to its original vendor specifications – reassembled in a way that disrupts any possibly remaining, undetected malicious code. The end result is a completely new, yet functionally identical copy of the original file, delivered in real-time (see our ‘Before’ and ‘After’ CDR file samples page).

Highly configurable deconstruction/reconstruction controls also enable a surgical application of data redaction policies on the outgoing stream, for the implementation of data-loss prevention (DLP) and data-protection schemes.

Content Disarm and Reconstruction stages:

  • File deconstruction to its elementary components
  • Deep threat detection with TrueType identification, highly optimized Multi-AV scans, NextGen AI detection, and file signature verification applied to each component
  • Proprietary file disarm of the components from any potentially harmful components like macros, scripts, embedded elements
  • Advanced file reconstruction, removing in the process undetectable weaponized content, exploits and all components that do not meet the designated security policy

Why GateScanner?

We are certain that our CDR technology is practically impregnable. Our clients’ independent penetration tests repeatedly show up to 99.99 % detection rates for unknown threats, and that’s the bottom line  – but it’s not the whole story. 

Adding a new component to an existing system can be a major challenge, and flexibility is key to a successful implementation. With this in mind, we built GateScanner to be modular, highly configurable and easily scalable. You can pick and choose any part of the CDR process you want to implement, and how. You can choose which of your channels to protect, and you can chain up to ten GateScanner engines on-the-fly, to achieve virtually unlimited processing capacity.

Challenged to deliver unique solutions for a wide variety of client network configurations, we developed an External-Tools-Integration engine, enabling the insertion of GateScanner  processing into practically any point along the data processing flow –  before or after your existing security tools –  and optimizing the overall performance of all tools in the process. GateScanner will upgrade your entire security profile.

For us, every client is an opportunity to get creative. Our highly dedicated development team works closely with clients to fulfill their most ambitious goals. We look forward to creating your solution!

GateScanner features: 

GateScanner achieves prevention levels of up to 99.99% for undetectable threats, protecting organizations from APT’s, Zero-days, ransomware and other file-based attacks.
Extreme flexibility – the GateScanner solution is modular, scalable and highly configurable
Built-in external-tools integration optimizes performance of all existing security tools

CDR deep-scans of deconstructed files with multi antivirus tools, including Next-Gen AI/ML AV, reaching detection levels of up to 2.5 times the rate of detection for the original composite file scan.

Hundreds of file types supported including the entire suite of MS Office, PDF, media files (images, audio, video), AutoCad, Hanword (HWP), Archives, PST, .EML, installation files, XML, HTML, other text files, medical imaging files (DICOM), and customized files.

GateScanner implements CDR technology to protect email, portable media uploads, cross-network file transfers, safe browser downloads, computing appliances and to enable cross domain solutions with unidirectional gateways.

All processing is on the client side. No vendor involvement

Sasa Software is privately owned by Kibbutz Sasa, Israel, with the majority of profits channeled back into R&D.  We’re in this for the long run

GATESCANNER DATASHEET

join the newsletter

Sasa Software

A leading provider of extensive CDR-based network security solutions, trusted by over 250 public and private sector organizations.

  • US Government ITAR IT compliant
  • ISO 27001 Certified
  • Approved by the Israeli and Singaporean Cyber Commands
Find out more
Facebook
Youtube
Linkedin
Twitter
Facebook
Youtube
Linkedin
Twitter
EULA
privacy
helpdesk
Blog

Copyright © 2021 – Sasa Software

Scroll to Top