CDR(檔案無毒化)技術提供了一種防禦網路威脅的新穎方法。該技術專門用於降低檔案傳播攻擊的風險,檔案傳播攻擊是惡意軟體和其他網路威脅的常見載體。透過剖析檔案並刪除潛在的惡意內容,CDR 確保只有安全的內容到達最終用戶,從而防止未經授權的存取和資料外洩。
什麼是CDR?
CDR 從檔案中刪除潛在的惡意程式碼。與傳統的惡意軟體偵測方法不同,CDR 的工作原理是識別並消除所有不符合預先定義安全性策略的檔案元件。這種主動的安全方法旨在防止網路威脅滲透網路,無論威脅是已知還是未知。
CDR 如何運作?
CDR 的工作原理是將每個檔案分解為其組成部分並單獨掃描這些組成部分。這個過程涉及幾個步驟:
檔案解構
傳入的檔案被分解為最基本的組成部分。
組件撤防
潛在有害的元素(例如巨集和嵌入腳本)會被識別並從每個元件中刪除。
檔案重建
檔案被重建,排除任何被認為不安全的組件,從而確保最終產品遵守組織的安全策略。
CDR 的五種用途
CDR 技術廣泛應用於各個領域,特別是在檔案傳播威脅風險較高的環境中。以下是 CDR 的五個主要用途:
透過精細分析檔案,CDR 可以識別並消除利用防毒軟體未知漏洞的威脅,從而提供對零時差攻擊的保護。
電子郵件是惡意軟體傳播的常見管道。 CDR 可以透過刪除惡意內容來清理附件,確保電子郵件可以安全開啟。
組織越來越依賴雲端的服務進行協作和通訊。可以部署 CDR,透過清理透過這些服務上傳、下載、傳輸、共用和儲存的檔案來保護這些平台。
CDR 可用於掃描和清理端點裝置上的檔案,從而降低 BYOD 裝置和存取組織資產的其他外部裝置感染的風險。
檔案,尤其是那些嵌入巨集或物件的檔案,很容易受到惡意軟體的攻擊。 CDR 確保這些檔案不含惡意內容,同時保留其功能。
Elevate Preventative Security with OPSWAT Deep CDR™ Technology
傳統的 CDR 解決方案難以應對複雜的檔案結構,從而導致更高的延遲和潛在的誤報。它們也可能無法有效地處理某些檔案類型或格式,例如受密碼保護或壓縮的檔案。
Deep CDR™ Technology goes beyond the capabilities of traditional CDR solutions by recursively sanitizing nested archives in file types like PDFs, images, ZIP files, and Microsoft Office docs.
Deep CDR™ Technology evaluates and verifies file types and consistency, creating placeholders for approved objects while disarming the original file. It then regenerates usable components such as pointers, tables, and frames, ensuring that the final file is safe and retains its original characteristics.
It supports a wide range of file types and processes files quickly, often within milliseconds. Deep CDR™ Technology provides comprehensive diagnostic data, including forensic information about the disarmed files so that analysts can better understand incoming threats.
Deep CDR™ Technology offers superior protection against both known and unknown threats, including those that evade detection by traditional antivirus software. It is capable of sanitizing hidden threats in archive files and QR codes, among others, providing a more robust defense against evolving cyber threats.
While traditional CDR provides a foundational layer of protection against known threats, Deep CDR™ Technology offers a more comprehensive and proactive defense mechanism capable of addressing a wider range of threats, including those that are highly evasive or unknown. Organizations facing advanced persistent threats or operating in high-risk environments can benefit from implementing Deep CDR™ Technology to enhance their cybersecurity posture.
Learn more about how a Japanese government organization uses Deep CDR™ Technology to proactively detect advanced threats.
