Commonly used files such as Microsoft Office, PDF and image files can include potentially harmful active content, such as macros and scripts. While these Threats can be detected by anti-malware engines and sandboxes, they cannot detect 100% of embedded threats.
In this video, Amit Schulman, Solution Engineer at OPSWAT, demonstrates how threats can be hidden in files and how these can be ‘disarmed’ by using Data Sanitization, also known as Content Disarm and Reconstruction (CDR).
The problem with traditional anti-malware and sandboxing technologies is that they rely on Detection. While this can be effective in many cases, cyber criminals are continually developing new ways to avoid detection, enabling them to bypass traditional defenses. Security Week reports that in their tests, 98% of malware used at least one evasion technique, and 27% evaded detection by a single sandbox.
Instead of relying on detection, Data Sanitization leaves no room for threat detection error and prevents many file-based threats, including known, unknown, complex and sandbox-aware threats. By sanitizing each file and removing any possible embedded threat, Data Sanitization effectively ‘disarms’ all file-based threats without the need for detection.
Amit shows us three examples of how OPSWAT MetaDefender can sanitize documents with embedded threats:
- Word document with embedded threat
- Image file with a hidden pdf file
- Word document with VBA script
Data Sanitization (CDR) - Cyber Threat Prevention Without Relying on Detection | OPSWAT
Ready to try it out for yourself? Upload a file for free at metadefender.com. Your file will be sanitized and scanned with 30+ anti-malware engines and the sanitized file will be available for you to download. If you wish to try out MetaDefender in your own environment, you can download a 15-day trial of MetaDefender from the OPSWAT portal.
