Smart made simple
CONTENT DISARM AND RECONSTRUCTION (CDR) TECHNOLOGY
Simple and elegant in concept, Content Disarm and Reconstruction (CDR) also known as ‘file sanitization’, is a breakthrough technology with superior results in the prevention of all file-based attacks, commonly used for Advanced Persistent Threats (APT’s), ransomware, zero-day’s and “traditional” virus attacks.
It efficiently thwarts these attempts by dissecting every incoming file and enforcing a strict “known good” format, rather than attempting to detect embedded malicious code by referencing the endlessly-evolving list of “known bad”.
CDR compliments other anti-malware technologies like sandboxes and detection-based AV’s, but in contrast to them, it is a preemptive approach that does not rely solely on detection, and is consequently able to deliver exceptional levels of incident prevention.
A good CDR solution will feature both detection and disarm/reconstruction capabilities. During the CDR process, a file is broken-down to its most elementary components which are deeply scrutinized with multiple AV’s and cleansed from any embedded active code. The file is then rebuilt to its original vendor specifications – reassembled in a way that disrupts any possibly remaining, undetected malicious code. The end result is a completely new, yet functionally identical copy of the original file, delivered in real-time (see our ‘Before’ and ‘After’ CDR file samples page).
Highly configurable deconstruction/reconstruction controls also enable a surgical application of data redaction policies on the outgoing stream, for the implementation of data-loss prevention (DLP) and data-protection schemes.
Content Disarm and Reconstruction stages:
We are certain that our CDR technology is practically impregnable. Our clients’ independent penetration tests repeatedly show up to 99.99 % detection rates for unknown threats, and that’s the bottom line – but it’s not the whole story.
Adding a new component to an existing system can be a major challenge – flexibility is key to a successful implementation. With this in mind, we built GateScanner to be modular, highly configurable and easily scalable. You can pick and choose any part of the CDR process you want to implement, and how. You can choose which of your channels to protect – and you can chain up to ten GateScanner engines on-the-fly to achieve virtually unlimited processing capacity.
Challenged to deliver unique solutions for a wide variety of client configurations, we developed an External-Tools-Integration engine, enabling the insertion of GateScanner processing into practically any point along the data flow – before or after your existing security tools – optimizing the overall performance of all tools in the process. GateScanner will upgrade your entire security profile.
For us, every client is an opportunity to get creative. Our highly dedicated development team works closely with clients to fulfill their most ambitious goals. We look forward to creating your solution!
CDR deep-scans of deconstructed files with multi antivirus tools, including Next-Gen AI/ML AV, reaching detection levels of up to 2.5 times the rate of detection for the original composite file scan.
Hundreds of file types supported including the entire suite of MS Office, PDF, media files (images, audio, video), AutoCad, Hanword (HWP), Archives, PST, .EML, installation files, XML, HTML, other text files, medical imaging files (DICOM), and customized files. (See “Before & After CDR” sample files)
GateScanner implements CDR technology to protect email, portable media uploads, cross-network file transfers, safe browser downloads, computing appliances and to enable cross domain solutions with unidirectional gateways.
Sasa Software is privately owned by Kibbutz Sasa, Israel, with the majority of profits channeled back into R&D. We’re in this for the long run