Friday, March 10, 2023

What is ZT - CDR?

Ever wondered why cyber security always has to follow cyber crime?

The pattern always is:

Malware is born -> Zero day attacks -> Malware is discovered -> Signatures are written -> Databases are updated -> Malware is contained.

This cycle repeats for every single piece of malware and, as we now know, we are still chasing the malware.

The basic signature-based method has its own flaws and to date has never been able to stop the malware menace.

CDR (Content Disarm and Reconstruction) is a rare cyber security solution that does not depend on signatures.


Why CDR?

Bad actors hide malware in files and attempt to infect networks. These are difficult-to-detect zero-day attacks. Networks that put CDR on their threat vectors, such as email, cloud apps or internet traffic, benefit from a Zero Trust CDR, which is 100% foolproof. It works by scanning incoming files and copying only the content from each file; the copied content is written to a new file. The clean file with the reconstructed content is delivered to the end user.






CDR reduces the risk of data breaches and system infections. It also ensures that files can be safely shared within a network without compromising the security of the system.

While CDR is an effective security solution, it is not a silver bullet. It should be used in conjunction with other security measures, such as email security, a proxy or a CASB. By combining these different security measures, businesses can reduce the risk of cyber attacks and ensure the safety of their data.

In conclusion, Content Disarm and Reconstruction (CDR) is a powerful security technology that can help businesses defend against file-based attacks. By removing potentially malicious elements from files, CDR reduces the risk of data breaches and system infections. It is an effective tool in the fight against cybercrime and should be used in conjunction with other security measures to create a comprehensive security infrastructure.

Use cases:
1. For outgoing traffic - can block steganography attacks.
2. For incoming traffic - emails such as these will tempt some of our employees to open the attachment and compromise the whole network. CDR with email will block such attacks.
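
The copy-and-rebuild step described under "Why CDR?", and the outgoing-traffic use case above, can be illustrated on one file format. This is an added example, not code from any CDR product: it rebuilds a PNG from an allow-list of chunks, so metadata chunks and bytes appended after the image are never copied. The function names, the allow-list and the sample file are assumptions constructed for the illustration.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
# Allow-list (an assumption of this example): only chunks needed to render pixels.
ALLOWED = {b"IHDR", b"PLTE", b"IDAT", b"IEND"}


def chunk(ctype, data):
    """Serialize one PNG chunk with a freshly computed CRC."""
    crc = zlib.crc32(ctype + data) & 0xFFFFFFFF
    return struct.pack(">I", len(data)) + ctype + data + struct.pack(">I", crc)


def disarm_png(raw):
    """Copy allow-listed chunks into a new PNG; return (clean_bytes, dropped)."""
    # Anything unparseable raises ValueError, so a damaged file is never passed on.
    if not raw.startswith(PNG_SIG):
        raise ValueError("not a PNG")
    out, dropped, pos = [PNG_SIG], [], len(PNG_SIG)
    while True:
        if pos + 12 > len(raw):
            raise ValueError("truncated chunk or missing IEND")
        length, ctype = struct.unpack(">I4s", raw[pos:pos + 8])
        end = pos + 12 + length
        if end > len(raw):
            raise ValueError("chunk length exceeds file size")
        data = raw[pos + 8:end - 4]
        (crc,) = struct.unpack(">I", raw[end - 4:end])
        if crc != zlib.crc32(ctype + data) & 0xFFFFFFFF:
            raise ValueError("bad chunk CRC")
        if ctype in ALLOWED:
            out.append(chunk(ctype, data))  # re-serialized with a new CRC
        else:
            dropped.append(ctype.decode("latin-1"))
        pos = end
        if ctype == b"IEND":
            break
    if pos < len(raw):  # bytes after IEND are never copied
        dropped.append("trailing:%d bytes" % (len(raw) - pos))
    return b"".join(out), dropped


# Constructed sample: 1x1 grayscale PNG plus a text chunk and appended bytes.
IHDR = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)
IDAT = zlib.compress(b"\x00\x7f")
SAMPLE = (PNG_SIG + chunk(b"IHDR", IHDR) + chunk(b"tEXt", b"Comment\x00hidden payload")
          + chunk(b"IDAT", IDAT) + chunk(b"IEND", b"") + b"PK\x03\x04 appended archive")

print(disarm_png(SAMPLE)[1])
```

This sketch rebuilds at the chunk level only; data hidden in the pixel values themselves would require decoding and re-encoding the image.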