What is Content Disarm and Reconstruction (CDR)? 

by | Dec 15, 2022 | Best practise/how to guides, Product Announcements, Thought leadership

Malicious, file-based cyber security threats are constantly evolving and growing faster than ever. Approximately 1 in every 100,000 files contains potentially malicious content, with 98% of them being unknown by antivirus solutions for up to 18 days before they can mitigate potentially devastating risks.

With global trends such as hybrid and remote working continuing to impact the way organizations use technology, the threat landscape is also becoming more sophisticated and complex. The result is that reactive detection-based security solutions can’t keep up: Antivirus puts users at risk with every new threat while sandboxing exposes organizations to risk from advanced malware and disrupts business productivity. These complex security solutions also add stress to busy security teams.

Content Disarm and Reconstruction: Zero-trust file protection

As a result, detection-based security methods must play catch up with new and unknown threats and malware that contain potentially malicious code. In contrast, Glasswall’s zero-trust file protection treats all file formats (Microsoft Office Documents, PDF file, etc.) as untrusted — validating, rebuilding and cleaning each file to a safe and compliant standard — automatically removing potential threats.

This simple approach ensures every document entering or leaving the organization is safe, allowing users to access files with full confidence.
We’re offering two freemium solutions to help you try out our industry-leading CDR. Experience the power of Glasswall CDR yourself!


How Glasswall CDR instantly removes risk

Glasswall Content Disarm and Reconstruction (CDR) technology instantly removes risk by using a patented four-step process:

1. Inspect – Breaks down the file format into its constituent components. Validates the file’s structure against its specification


2. Rebuild – Unknown and invalid file formats are repaired in line with the file’s specification


3. Clean – Removes high-risk file structures that contain active content, based on configurable policy


4. Deliver – Semantic checks ensure the file’s integrity. The safe and fully functional file is now ready to use



The result is a powerful ability to close the security blindspots that can leave organizations vulnerable and without protection for an average of 18 days. Cybercriminals know that reactive antivirus and sandboxing technologies cannot identify new and malicious content hidden in files and documents for days or even weeks after they have been released.


A flexible, cloud-native and infinitely scalable platform


Built on flexible and scalable infrastructure, Glasswall uses Compliant Kubernetes functionality, enabling users to spin up CDR clusters to suit their precise needs. This cloud-native architecture provides infinite scale on demand, allowing hubs to be deployed across the organization to enable CDR workflows across multiple network segments.


Available on-premises, across all clouds or via dockers, Glasswall provides open source-based connectors for easy on-premises and cloud integrations and offers developer-centric web services with OpenAPI specification-compliant design. In addition, cloud-ready machine images and virtual machine infrastructure offer out-of-the-box observability and metrics reporting. With typical sub-second parallel file processing, Glasswall CDR is available on-premises, across all clouds or via dockers.


Comprehensive use cases


Glasswall CDR has been developed to meet the needs of a wide variety of organizations and large enterprises that are focused on precise use cases. These include:


Secure CDS deployments

Organizations need no longer accept the risks associated with traditional antivirus solutions when importing and exporting files to and from secure networks.

Glasswall integrates with new and existing CDS deployments to enable compliance with frameworks such as the NCSC’s pattern for safely importing data and the NIST Risk Management framework by the NSA and NCDSMO.

Glasswall’s zero-trust philosophy removes security teams’ reliance on detection – replacing it with a zero-trust file protection solution that raises the bar on CDS protection.


Maintain air-gapped networks

Glasswall CDR provides zero-trust file protection that maintains air-gapped network isolation. Detection-based solutions require an open channel to ingest updates compromising the isolation of secure networks. Glasswall’s zero-trust philosophy doesn’t rely on updates to protect against both zero-day and known file-based threats and malware – ensuring maximum isolation for secure networks.


Mission critical compliance

Glasswall CDR boasts patented capabilities such as Word Search and Redact and Metadata removal that enables organizations across the globe to comply with various industry guidelines. These include, but are not limited to:


Data protection:

  • GDPR
  • California Consumer Privacy Act


Industry Guidelines:

  • NCSCs Pattern for Safely Importing Data
  • Raise the Bar
  • ISGs


Secure file uploads against file-based threats 

There is no longer the need for organizations to rely on detection-based solutions to provide comprehensive protection against malicious content and malware uploaded to their internal networks, via websites or upload portals.

Glasswall CDR can be implemented at various points within the upload process – ensuring that all uploaded files are secured by our unrivalled zero-trust CDR file protection capabilities.


Secure cloud migrations 

Glasswall CDR can be used to process and protect files, at scale, as they migrate from one cloud to the other, or from an on-premises location to a cloud destination. Our platform’s Kubernetes architecture can spin up clusters to scale instantly, and infinitely – giving organizations the power to only migrate healthy files.


Content Disarm and Reconstruction (CDR) – The benefits


Glasswall’s CDR platform has been tested, validated and implemented by a range of the world’s leading intelligence agencies, who have successfully protected against all efforts to penetrate the technology even when custom-written exploits have been used to test the product. The analytics and policy management output and level of security delivered by Glasswall have always exceeded expectations – no other CDR technology has undergone such extensive, independent testing.

Today, customers worldwide across public and private sectors see a range of cyber security benefits from using Glasswall CDR. These include:


Take a zero-trust approach to files 

Instead of looking for malicious content, Glasswall’s zero-trust file protection treats all files as untrusted — validating, rebuilding and cleaning each file to a safe and compliant standard — automatically removing potential zero-day threats.

With Glasswall CDR, only safe, clean and fully functioning files enter and leave an organization, allowing users to access files with full confidence.


No more security trade-off — just safe, usable files at speed

Security teams need no longer choose between complete file security or speed and usability. Unlike other CDR vendors who flatten files, Glasswall’s CDR technology provides rapid zero-trust and zero-day file protection that maintains original document usability. There is no dependence on antivirus databases to provide knowledge of a new threat, and security teams no longer deal with disruptions from quarantining incoming files or false positives.

We are set apart from the crowd by our capability to instantly return files to their manufacturer’s ‘known-good’ specification. Each processed document is risk-free, fully functioning and visually identical to the original.


Empower security teams with granular risk control

Glasswall’s CDR technology provides an unmatched understanding of files, providing a complete analysis of the risks and active content found within a file. Security teams are given the ability to remove risk and shape their security policy to match their risk appetite. Simultaneously, control over end-user actions is regained, as malicious files are dealt with before a file is delivered to the end user.


Deploy with ease and powerful scalability

The Glasswall CDR Platform is Kubernetes-based, meaning that our range of CDR solutions can be scaled to match business requirements. Glasswall can be deployed in minutes, on-premises, within air-gapped environments, or both public and private clouds as we adhere to open standards. We provide virtual machine images or Kubernetes helm charts to support the deployment of our solutions.


Our Products

Glasswall CDR Engine

The Glasswall CDR engine regenerates every file to its known good manufacturer’s standard, ensuring only safe, clean files are handled by other services or users. Our SDK enables you to easily embed the Glasswall CDR engine into your environment, proactively protecting against the most persistent and complex file-based threats.


Glasswall CDR Platform 

Built on flexible and scalable infrastructure, Glasswall CDR platform uses compliant Kubernetes so you can spin up CDR clusters to suit your needs. Available on-premises, across all clouds or via docker. Security-hardened and compliance-ready for total peace of mind, so you can be the security team that drives business forward, no matter what’s ahead.


Illustration about Glasswall Rest ApiGlasswall REST APIs 

Glasswall has developed an API-first architecture in delivering our Kubernetes-based CDR Platform. A typical business document file can be analyzed and protected in less than 1 second. With two sets of REST-based API endpoints available, either synchronous Cloud API or asynchronous API, the Glasswall API helps developers devise the most effective integration approach to meet their needs.


Glasswall Desktop illustrationGlasswall Desktop 

Users receive files on their work computers in a variety of ways. Automatically remove potential threats from files (including threats AV software hasn’t detected yet). With Glasswall Desktop, employees can drag and drop files from the outside world into the Glasswall Embedded Engine – so they’re free to use files without risk.


Glasswall Clean Room illustrationGlasswall Clean Room 

Give users the freedom to work with files risk-free across their devices. Simply drag and drop files from the outside world onto the Glasswall Clean Room and instantly remove potential threats – even the ones AV solutions haven’t detected yet.


Our Integrations

Glasswall integrations provide easy connectivity into your cloud and network services environment to provide for added file threat removal. Options include:

illustration about icap integrationICAP 

Insert Glasswall CDR into the transparent SSL inspection of traffic with our ICAP plugin. All files encountered are rebuilt to their manufacturer’s known-good specification, removing any malicious, active or sensitive content, and providing security teams peace of mind while transferring files across trust boundaries.

Palo ALto Logo with orange backgroundPalo Alto

Supercharge your firewall with additional protection against file-based threats from the Glasswall–Palo Alto Networks Firewall plug-in. It is a simple-to-install and highly scalable solution that seamlessly integrates with our industry-leading CDR (Content Disarm and Reconstruction) platform.

Menlo logo with purple backgroundMenlo  

Insulate users from web and file-based threats with the Glasswall–Menlo Security plug-in. The integration embeds Glasswall CDR file security capabilities within Menlo’s Security Isolation Platform, ensuring users can safely browse the internet and receive safe files that are free from malicious threats.


Glasswall Threat Intelligence

Glasswall provides unique insights into file-based threats and how risks may accumulate across your organization. Security teams can make intelligent policy decisions on active content types, such as Macros in Microsoft Office or JavaScript in PDF documents. Glasswall can also check every file against over 50 Reputation Services and Threat Feeds from a database of over 12 billion goodware and malware files.


Glasswall CDR provides organizations worldwide with proactive protection against file-based cyber threats. As the risks to networks and data increase, it’s now more important than ever to deliver a strategy that addresses both existing and emerging malware risks.


What are file-based threats?

What is zero-trust file protection?

How does Glasswall CDR work?

Picture of a knight mask with swords to illustrate our battle for being the market leader in CDR

Glasswall vs Competitors

Why Glasswall CDR?

Learn about the simple way to protect against sophisticated file-based threats.

All resources



Case Studies

Use Cases




Product help



Contact us


strategic alliances

About our Partner Program

Our Partners

Become a Partner

Glasswall partner program

Bringing File-based threat protection to your customers

Offer a richer security portfolio with the most agile CDR platform on the market. Stand out from the competition with a partner program built for you. Let’s make files safer together.

About Glasswall

Our People




Contact Us

support lines


Raising the bar on file security

We believe people should be free to open their files without fear. To click on anything without risk of catastrophe. To use systems the way they were meant to be used. That’s why we’re raising the bar on file security at Glasswall.