OPSWAT CEO Benny Czarny Presented on Data Sanitization at SFSU: Watch Presentation

Last winter, OPSWAT CEO and Founder Benny Czarny spoke on the subject of data sanitization, or Content Disarm and Reconstruction, at San Francisco State University.

Data sanitization (CDR) is a highly important advanced threat prevention technology that removes or disables advanced attacks hidden in documents, images, and other common file types. Many kinds of attacks use typical files that users are accustomed to receiving and opening, such as Microsoft Word documents or Adobe PDFs, to start a chain of malicious activity that results in a malware infection on the victim's device.

In his presentation, Benny outlined the reasons why data sanitization has become so necessary:

1. Advanced malware attacks may leverage the features of complex file formats. File formats are increasing in complexity, and attackers can use the features they offer to conceal and execute malicious scripts or codes.

2. Threat actors may use files that exploit vulnerabilities in applications. The amount of vulnerabilities, both known and unknown, is increasing. A malicious file or document can exploit these vulnerabilities in the application that opens them, allowing access for an attacker.

Data sanitization blocks both kinds of attacks, and crucially, it does not have to detect threats within the files in order to do so. Instead, it assumes any file may be malicious and disarms and reconstructs the file to eliminate potential threats.

This gives data sanitization an advantage over other kinds of advanced threat prevention that rely on detection – for instance, sandboxes, AI-based anti-malware scanning, and traditional signature scanning. The amount of total malware is increasing, and no detection method, however advanced, can be 100% perfect, but data sanitization removes potential threats from 100% of the files it processes.

To view and download Benny's whole presentation deck, click here.

You can also watch his presentation on YouTube.