Content Disarm and Reconstruction (CDR)

CDR tested for removal of known and unknown threats

SE Labs tested OPSWAT Deep CDR (Content Disarm and Reconstruction) against targeted attacks using file-based threats. These attacks are designed to compromise systems and penetrate target networks by hiding threats inside files that appear to be innocent.

Testers hid threats inside a variety of common file formats, such as office documents, web pages and archive files.

Content Disarm and Reconstruction (CDR) vs. hidden threats

These files were assessed by the CDR system, which attempted to remove known and unknown threats. The results show the extent to which the threat prevention system achieved that goal accurately.

Read more reports here.

CDR solutions work differently than traditional solutions

CDR security solutions take a different approach than many others. Instead of detecting threats, they pull files apart and put them back together again. The idea is that anything bad gets dropped by the wayside, and only good things can pass through.

This approach is particularly appropriate when considering the risk of man-in-the-middle attacks. You might send a useful file to a colleague, but an attacker intercepts it and adds a little extra something, like a remote access tool. When you open it, you see what you would expect, while the attacker gains access to your system.