What is Content Disarm and Reconstruction?

What are the benefits of Content Disarm and Reconstruction (CDR)?

Content Disarm and Reconstruction (CDR) is a process for cleaning incoming files from potentially malicious content before delivering them to the end user. It is also known as ‘data sanitation’.

The CDR process is as follows:

  1. Identify the incoming file type e.g. image file, Word document etc.
  2. Break the file down into its elements
  3. Identify and remove any file  elements that do not comply with file type specifications
  4. Build a new, clean file with the remaining content
  5. Deliver the clean file to the user

With CDR, when a user downloads a file, only the clean file is delivered, with any potentially malicious code removed. In conjunction with RBI, CDR provides comprehensive malware protection for both web browsing activities and files downloads.

Learn How to Protect Networks Against Malicious Code Hidden in Files


The Benefits of CDR

Protects against malicious code, even zero-day threats

CDR protects the end user computer from all kinds of malware, even zero-day threats, because it removes all unexpected content from a file. This is in contrast to traditional anti-malware software that relies on detecting malware based on a database of known threats.

Promotes productivity

As CDR doesn’t rely on a database, no time-consuming, frequent updates are needed to keep it working effectively. There are also fewer security incidents as malware infections are prevented to begin with.

A good CDR solution will work quickly in the background, as files are downloaded. Users can continue working undisrupted while CDR works in real-time to prevent malware infection. Organizations can also allow their users more freedom to access content, with less restrictive Internet policies, when CDR is used.

Prevents cyber threats from multiple sources

CDR works to protect an organizational network from cyber threats that originate in files from many sources, including:

  • Email
  • Web browsers
  • File servers and FTP
  • The cloud
  • Endpoint devices

Read these related blog posts

Moving to a Zero Trust isolation-based security approach is faster and easier than you think.

Get a 1:1 Demo