Deep Content Disarm and Reconstruction (Deep CDR)

Advanced Prevention of Known and Unknown Threats

Comprehensive protection against known and unknown threats, zero-day attacks, advanced persistent threats (APT), and sophisticated evasive malware.

Download eBook

Can malware bypass your defenses and penetrate your system?

In the fight against malicious software, the traditional preventive controls used by enterprises are often passive and found to be inadequate since they rely on detection of bad actions and malicious code.

Malware is growing in complexity and becoming increasingly successful at evading traditional and next-gen anti-malware engines and sandboxes. Zero-day malware can easily defeat signature-based AVs, which only detect known threats.

Enterprises need a comprehensive threat prevention solution that does not rely on detection.

What is CDR Technology?

Content Disarm & Reconstruction (CDR), also known as data sanitization, assumes all files are malicious and sanitizes and rebuilds each file ensuring full usability with safe content.

By sanitizing each file and removing any potential embedded threats, CDR (Content Disarm & Reconstruction) effectively ‘disarms’ all file-based threats including - known and unknown threats; complex and sandbox aware threats; and threats that are equipped with malware evasion technology such as Fully Undetectable malware, VMware detection, obfuscation and many others.

As malware sandbox evasion techniques improve, the use of CDR at the email gateway as a supplement or alternative to sandboxing will increase.

Fighting Phishing: Optimize Your Defense


OPSWAT Deep CDR technology is a market leader with superior features like multi-level archive processing, accuracy of file regeneration, and support for 100+ file types.

We provide in-depth views of what is being sanitized and how - enabling you to make informed choices and define configurations to meet your use-case.

We deliver safe files with 100% of threats eliminated within milliseconds, so your workflow is not interrupted.

View a Sample Deep CDR Report

Trusted by organizations worldwide

Key Differentiators

Supports a wide range of file formats (100+), including regional-specific formats such as JTD and HWP

Recursive sanitization for complex files, such as nested archives, embedded documents, email attachments, and hyperlinks

Offers flexible configuration options per file format allowing the administrator to enable or disable the embedded objects that should be removed or sanitized

Maintains file usability and functionality after sanitization

Provides detailed reports of sanitized components, accessible via API, but also visible in the management console

Integrates with OPSWAT Multiscanning to include advanced threat detection

How Deep CDR Works

1. Files are evaluated and verified as they enter the sanitization system to ensure file type and consistency. File extensions are examined to prevent seemingly complex files from posing as simpler files, and red-flagged for malicious content, alerting organizations when they are under attack.

2. File elements are separated into discrete components and malicious elements are removed or sanitized.

3. Files are rebuilt in a fast and secure process. Metadata and all file characteristics are reconstructed.

4. New files are recompiled, renamed, and delivered - preserving file structure integrity so that users can safely use the file without loss of usability.

Deep CDR / Data Sanitization Process


Features and Benefits

100+ Supported File Types

Sanitize and reconstruct 100+ common file types, ensuring each file is completely usable with safe content. Supported file types include PDF, Microsoft Office, HTML, and many image files. Language/region specific file formats like JTD and HWP files are also supported. Supported File Types.

200+ File Conversion Options

Customizable file conversion enables you to change files into different formats (e.g., convert a .jpg file into a .bmp file, then to a .pdf file, then back to a .jpg). Multiple conversions prevent document-based threats from entering highly secure networks. View File Conversion Configuration.

4,500+ File Type Verifications

Verify 4500+ file types to combat spoofed file attacks and detect seemingly complex files from posing as simpler files. File Type Verification Options.

30X Performance

For fast, efficient prevention, Deep CDR is on average 30 times faster than sandbox analysis and prevents malware (including zero-day) that has been built to evade sandbox detection. View Performance Stats.

30+ Engine Multiscanning Integration

Integrates with OPSWAT Multiscanning, alerting users if they are under attack. Provides visibility across different channels and file entry points, including email attachments, files on portable media devices, and browser downloads - enhancing the security of the entire organization. Integrated Multiscanning Technology.

Customizable Workflow

Customize the order of Multiscanning and Deep CDR steps for different file entry points. Depending on which channels files originate from, you can first sanitize external files, deliver the sanitized version to users, and then scan the original files for complete visibility of the attack matrix. Workflow Engine.

“With MetaDefender’s Deep CDR, Upwork was able to prevent 100% of zero-day file attacks, compared to only 70% blocked by standard AV. All files with active objects are sanitized. 75% of files are processed and ready in less than a second and 99% in less than six seconds.”

Head of Security, Upwork

Amit Schulman

Solution Engineer, OPSWAT

Shows how documents with embedded threats are rendered harmless with Deep CDR

Use Cybersecurity Technology That Works

Schedule a meeting with our OPSWAT technical experts to learn more about Deep CDR