Content Disarm & Reconstruction

Content Disarm & Reconstruction (CDR) is a computer security technology for removing malicious code from files. Unlike malware analysis, CDR technology does not determine or detect malware's functionality but removes all file components that are not approved within the system's definitions and policies.[1]

It is used to prevent cyber security threats from entering a corporate network perimeter. Channels that CDR can be used to protect include email and website traffic. Advanced solutions can also provide similar protection on computer endpoints, or cloud email and file sharing services.

Applications

CDR works by processing all incoming files of an enterprise network, deconstructing them, and removing the elements that do not match the file type's standards or set policies.[2] CDR technology then rebuilds the files into clean versions that can be sent on to end users as intended.[3]

Because CDR removes all potentially malicious code, it can be effective against zero-day vulnerabilities that rely on being an unknown threat that other security technologies would need to patch against to maintain protection.

CDR can be used to prevent cyber threats from variety of sources:

  • Email
  • Data Diodes
  • Web Browsers
  • Endpoints
  • File Servers
  • FTP
  • Cloud email or webmail programs
  • SMB/CIFS
  • Removable media scanning (CDR Kiosk)

See also

References

  1. Santarcangelo, Michael (April 25, 2016). "Why better security prevention that doesn't rely on detection is possible". CSO Online. Retrieved August 16, 2016.
  2. "Why Today's Phishing Attacks are Harder to Detect and How Proofpoint Can Help" (PDF). Proofpoint. Retrieved August 16, 2016.
  3. Yeroslav, Yakov. "File-Based Malware: Considering A Different And Specific Security Approach". Retrieved 9 October 2018.

Glasswall Solutions Whitepaper discusses how organisations can protect themselves from such email attachment threats by integrating highly-detailed, unique analytics and file-regeneration technology. [1]

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.