What is Content Disarm and Reconstruction (CDR)?
CDR (Content Disarm and Reconstruction) is a cybersecurity technology that instantly removes potential file-based threats from incoming files and documents before it has the chance to enter a corporate network. CDR also referred to as ‘content sanitization’ breaks down files into their discrete components, removing anything that does not comply with its ‘known good’ manufacturers specification, removing any content that could be malicious (macros, links, embedded objects), rebuilding a sanitized, safe version so organizations can trust every file.
What cybersecurity challenges, threats, and risks does CDR address?
File security threats are growing faster than ever, with approximately 1 in every 100,000 files containing potential malware infections. Most of these threats are unknown to antivirus software which means they’re unable to mitigate the risks of malware attacks.
Glasswall’s CDR technology can be used to provide protection against threats before they enter file servers via email and website traffic, and our advanced file sanitization solutions can also provide similar protection on cloud email, web browsers and other computer endpoint devices where file sharing is most common.
How does it protect against the dangers of ransomware and zero-day vulnerabilities?
Glasswall’s Content Disarm and Reconstruction technology assesses file-based threats in real-time. Today’s popular file formats (such as Microsoft Office documents) offer many places for malicious content to hide, and there have been over 300 million ransomware attacks in the first half of 2021 alone. Glasswall pre-emptively removes potential threats by cleaning and rebuilding incoming files to match their original manufacturers file structure specifications and removing active content based on company policy settings so any potentially malicious elements are removed before they enter a corporate network.
How does Glasswall CDR work?
Glasswall’s proactive CDR technology instantly cleans and rebuilds files to match the known good manufacturer’s specification. This automatically removes potentially malicious code and threats from zero day attacks, ensuring that every document entering or leaving the organization’s network is safe.
Glasswall CDR technology uses a four step process:
Step 1 – Inspect
Three layers of the incoming file are inspected to verify that its digital DNA complies with the manufacturer’s specification, and the system corrects any deviations instantly.
Step 2 – Clean
High risk active content such as macros and embedded links are cleaned and removed from the original file (based on company policy), so only the users who need active content receive it.
Step 3 – Rebuild
The file is rebuilt to the authorised manufacturer’s standard, ensuring the file is clean and threat-free.
Step 4 – Deliver
The user instantly receives a safe, identical file that’s compliant, standardized, and trusted. This reduces the risk of malicious code hidden in malware from entering, therefore maintaining business continuity.
Is this offered as a single solution or are there different products depending on the user?
Glasswall’s main product is our Content Disarm and Reconstruction platform which is a cloud-native platform that can be implemented seamlessly into your corporate network. We also offer Glasswall Email Security which is an email only solution that can be implemented as a standalone solution. There are also other web applications and plug-ins available. Glasswall CDR platform supports most standard business file formats.
How is it implemented within the typical IT infrastructure?
Glasswall’s expert customer support team will implement the CDR platform into your corporate network and systems seamlessly and provide you with step by step guidance on how to maintain business continuity against zero day file-based threats.
Who implements it? Is it Glasswall or a partner?
The Glasswall CDR platform can be purchased and implemented directly from Glasswall, or via our authorised partners.
How does Glasswall CDR integrate with modern cloud and/or hybrid networks?
Our Glasswall CDR technology is available on-premises, across all clouds, or via dockers. Glasswall provides open source-based connectors for easy on-premises and cloud integrations and offers developer-centric web services with OpenAPI specification compliant design. In addition, cloud-ready machine images and virtual machine infrastructure offer out-of-the-box observability and metrics reporting.
How can users scale CDR as their organization grows?
Glasswall CDR Platform is built on flexible and scalable infrastructure, using Kubernetes, which enables users to spin up CDR clusters to suit their precise needs. This cloud-native architecture provides infinite scale on demand which means that hubs can be deployed across the organization to enable CDR workflows across the organizational networks.
How does CDR fit into an overall cybersecurity strategy?
Glasswall CDR is providing organizations around the world with proactive protection against file-based cybersecurity threats. As the risk networks and data increase due to the use of multiple corporate collaboration platforms and file sharing services, it’s now more important than ever to deliver a strategy that addresses both existing and emerging risks.
How does CDR compare to other security technologies, such as antivirus and sandboxing?
With global trends such as hybrid and remote working continuing to impact the way organizations use technology, the cyber threats landscape is also becoming more sophisticated and complex. The result is that reactive detection-based security solutions can’t keep up. Antivirus puts users at risk of malware attacks due to unknown threats, while sandboxing exposes organizations to risk from advanced malware and disrupts business productivity. These complex security solutions also add stress to busy security teams.
In contrast, our content disarm technology provides protection that doesn’t wait for detection by instantly cleaning and rebuilding all incoming files before they enter the network.
What are the main use cases for CDR?
Glasswall CDR has been developed to meet the needs of a wide variety of organizations who are focused on precise use cases. These include:
Cloud native integrations – The Glasswall CDR (Content Disarm and Reconstruction) platform is a cloud native, open architecture solution that’s infinitely scalable so users aren’t locked into proprietary technologies or service providers. Integration is refreshingly easy–we follow API-first, standards compliant design and integration connectors are free of charge. Just as we’re able to deploy the Glasswall CDR Platform to hosted environments for our customers, we believe you should be able to use Infrastructure-as-Code (IaC) script to deploy the solution into your hosting provider environments.
Data migration – Trust boundaries are everywhere. A cross domain plug-in provides a vital air-gap for files moving between trust boundaries, whether they’re inside the organization or across a public network. To migrate or synchronise file transfers across two or more storage locations, Glasswall CDR ensures that threats can be removed as they transition from folder-to-folder or across a domain interface. Multiple connectors are available to define how the Cross Domain Plug-in communicates with storage repositories before passing the file to the Glasswall CDR Platform for threat removal.
Metadata removal – Reduce the risk of sensitive information being leaked to a third party with Glasswall CDR. Most file formats have associated metadata that comes with the visual data. While this information can be helpful, it also poses a security risk. By removing metadata from every document sent or received, every file that has been Glasswalled minimises the risk of accidental information leaks.
Malware risk removal – Trust your files again – Glasswall CDR disarms and secures every file in real-time. Today’s popular file formats offer many places for malware to hide, and there have been over 300 million ransomware attacks in the first half of 2021 alone. Glasswall removes malware by cleaning and rebuilding files to match their ‘known good’ manufacturer’s specification.
Secure email – Protect your organization from the most stubbornly popular attack vector. With Glasswall CDR users receive secure emails at the speed of business. Glasswall proactively remove threats from every email without delay. Every attachment that comes through is cleaned and rebuilt so it is completely secure. The CDR technology analyzes and disables links within the body of an email by policy to limit the risk of phishing email attacks. As a CISO you can sleep easier knowing your files have been Glasswalled.
SDK Integration – Glasswall SDK Integration enables users to determine how analysis and threat removal integrates into their business workflow using Rest-based APIs. It uses a cloud native Kubernetes-based architecture allowing for massively parallel processing scale, which can be deployed within a public, private or hybrid cloud environment and does not require online access to operate.
File uploads and downloads – To reduce the risk of file-based threats, Glasswall gives users the freedom to download files from the internet without putting their organization at risk by instantly securing files that are uploaded to or downloaded from the web.
Can you name some real world Glasswall CDR customers?
Glasswall customers span across both the private and public sectors and include clients such as Interseve, the NSA, the Canadian Department of National Defence, Honeywell, and more.
How long has the technology been in development and on the market?
Glasswall was first established in 2005 however it wasn’t until 2010 that we began focusing on building our core CDR engine with the backing of high-net investors. In 2020, Glasswall launched a new suite of cloud-hosted products.
What are the overall benefits of using CDR?
Glasswall’s CDR platform has been tested, validated, and implemented by a range of the world’s leading intelligence agencies, who have successfully been protected against all efforts to penetrate the technology even when custom written exploits have been used to test the product. The analytics and policy management output and level of security delivered by Glasswall has always exceeded expectations – no other CDR technology has undergone such extensive, independent testing. Glasswall is one of only two file sanitization filters in the US Intelligence Community’s highly classified networks.
Today, customers around the world across public and private sectors see a range of cybersecurity benefits from using Glasswall CDR. These include:
- Secure and optimized transfer of file attachments
- Less risk which leads to greater productivity
- Ease of deployment to their networks
What are the differences between an organization that is using Glasswall CDR and one that isn’t?
A corporation using traditional antivirus and sand-boxing protection will not have real-time protection against any potential incoming threats and will therefore be more susceptible to attacks from zero day threats and other file-based attacks.
Click here to find out more about our CDR platform