Zero Trust Security : Content Disarm and Reconstruction

Neutralize threats by disassembling and rebuilding files to a safe, clean standard

What is Content Disarm and Reconstruction (CDR)?

Content Disarm and Reconstruction (CDR) is an advanced cybersecurity technology designed to neutralize threats, such as malware and ransomware, within files. CDR works by disassembling files (documents, images, etc.) and removing any potentially malicious elements.
Advanced CDR solutions, such as Glasswall CDR technology, are able to retain a document’s original functionality and appearance – providing seamless protection to the end user.
https://safeware.ai/wp-content/uploads/2024/10/whatcdr.mp4#t=,44

The advantages of CDR

Content Disarm and Reconstruction plays a crucial role in enhancing an organization’s cybersecurity strategy. Here are four reasons why CDR is considered one of the most effective file protection solutions:

CDR removes threats from files

CDR is a zero-trust data filter that rebuilds files and documents into a safe, clean standard, free from the risks of malware. CDR prevents malicious files from entering a network and is used for secure file transfer across trust boundaries.

CDR is more secure than antivirus and sandboxing

Unlike detection-based solutions, CDR doesn’t try to identify malicious code – it simply removes the ability for it to exist altogether. This zero-trust approach disarms often overlooked advanced persistent threats, such as zero-day malware, high-risk active code and anomalies within a file’s structure.

CDR retains file functionality

Many conventional data filters flatten files (turn them into images) for use in high risk environments. Files cleaned by CDR are visually identical and fully functional, meaning you get your report – not a pancake.

CDR helps teams manage risk

CDR offers organizations comprehensive analysis of the threats within files, empowering security teams to remove or manage high-risk content according to their risk appetite.

How Glasswall CDR Works

Glasswall CDR employs our patented 4-step approach to protect government agencies and organizations against file-based threats. Unlike other cybersecurity solutions, we don’t try to identify the malicious code – we simply remove the ability for it to exist in the file altogether.

1. Inspect Breaks down the file into its constituent components. Validates the file’s structure against its specification

2. Rebuild Unknown and invalid file structures are repaired in-line with the file’s specification

3. Clean Removes high-risk file structures that contain active content, based on configurable policy

4. Deliver Semantic checks ensure the file’s integrity. The safe and fully functional file is now ready to use

CDR vs other technologies

While our recommendation is that CDR should be used as one component of a wider cybersecurity strategy, it is helpful to understand the significant advantages CDR has over other file protection technologies.

Glasswall CDR

Protects against unknown (zero-day) threats
Files are secured instantly with usability maintained
Doesn’t require an internet connection or updates

Antivirus

Relies on signatures and known indicators to detect threats
Files are held or quarantined
Requires constant database updates

Sandboxing

Can be evaded by malware with delayed detonation
Files are held or quarantined
Needs updating to protect against the newest threats

EDR

Can be evaded by targeted malware that falsifies information
Files are held or quarantined
Needs updating to protect against the newest threats

File flattening

Vulnerable to image steganography attack
Files are turned into images at the cost of functionality
Often antiquated systems require updating

Take a tour

Try Glasswall CDR in your browser

Clean a file

Glasswall CDR Products

Glasswall offers a range of products designed to meet various cybersecurity needs. Each product leverages Glasswall’s industry-leading CDR technology to provide robust protection against file-based threats while ensuring data security and compliance.

Glasswall Embedded Engine

Integrate industry-leading CDR file protection across your organization with the Glasswall Embedded Engine. This software development kit (SDK) includes an API, enabling fast and effective integration with new and existing application deployments to remove file-based threats. Supporting both Linux and Windows operating systems, it can be provided in containerized form – making it highly portable and easily deployable.

Learn more

Glasswall Halo

Implement out-of-the-box zero trust CDR file protection with Glasswall Halo. The solution is Kubernetes-based, which allows it to scale to meet the needs of your organization, whether that’s a small number of files or huge volumes of documents that need protecting each day. Glasswall Halo comes ready-to-go, enabling security teams to quickly and easily protect their organization against file-based threats. Deployment is rapid via Helm Charts, making the system easy to upgrade.

Learn more

Meteor

Supercharge your security capabilities with automated zero-trust file protection from Meteor. Its file synchronization and drag-and-drop processing capabilities work even when offline, making it perfect for isolated machines and remote environments.

Learn more

Constellations

Automatically process and transfer large quantities of data across trust boundaries with Glasswall Constellations. It is a zero-trust file protection solution that complies with NSA’s Raise the Bar standards and other industry guidance – utilizing our industry-leading CDR solution to solve the traditional challenges faced by security teams when processing substantial amounts of untrusted data.

Learn more

View All CDR Products

Use cases

Glasswall CDR (Content Disarm and Reconstruction) technology can be injected wherever a file is in motion, or at rest. Our range of solutions have been developed to enable government departments and corporate organizations to protect key operations with patented and industry-leading zero-trust file protection. Use cases include:

Cross Domain Solutions (CDS)

Supercharge new and existing cross domain solutions with CDR technology that removes the reliance on detection and data wrapping – replacing it with a zero-trust approach that treats all files as malicious – validating, rebuilding and cleaning each one to a known good standard.

Glasswall CDR enables government departments and commercial organizations to comply with industry best practice initiatives, such as NCSC’s Pattern for Safely Importing Data, NSA’s Raise the Bar Initiative and NIST Risk Management framework by the US Department of Commerce.

Learn more

File upload portals

Ingesting files from external parties and networks is a critical requirement for many organizations and government departments. However, there are weaknesses in current practices that can be exploited by the uploading of malicious content.

The Glasswall Embedded Engine’s zero-trust sanitization capabilities can be established at various integration points within an organization’s security architecture. This provides security teams with the capability to instantly and automatically remove known and zero-day (unknown) file-based threats – delivering secure, visually identical, and full functioning files to the end user.

Learn more

Cloud migration

All organizations rely on the transfer of files across trust boundaries, both within their infrastructure, or to/from public networks, and it is critical to ensure that malicious content or risky files are not transferred during cloud migrations.

Glasswall provides organizations and departments with REST endpoints that harness the power of the Kubernetes-based CDR solution, Glasswall Halo. Clients can process large storage containers at massive scale and at lightning speed – ensuring only safe, clean and fully-functioning files transfer across networks.

Learn more