Content Security for Email

Protect users from phishing emails, ransomware,
email fraud (BEC) attacks, and more coming into Microsoft 365.

Make Microsoft 365 More Secure with Innovative Malware Prevention Technology

DISARM is a zero-trust, integrated cloud email security service that complements the native security features of Microsoft 365 to protect against even unknown threats.

Cyber attacks on corporate information have become increasingly sophisticated in recent years. Attackers are using email as an attack vector, making it difficult to proactively respond to malicious emails disguised as work documents.

Number of business email hacking attempts

annual

0 M

daily

Number of malicious URL phishing attacks

Percentage of attacks that use attached malicious document files

0 %

Microsoft 365 is good at stopping known threats, but it's difficult to defend against unknown threats. DISARM enhances the security of Microsoft 365 by blocking even advanced, sophisticated threats that evade Microsoft 365.

DISARM quickly and accurately diagnoses malicious files attached to email, and
proactively removes potential threats from documents and delivers them in safe files.

Detect Hidden Malicious
Code in Attachment

Eliminate Suspicious Threats in File

Detect Hidden Malicious Code in Attachment

Eliminate Suspicious Threats in File

Proactively Detects & Block Unknown Threats

Key Benefits

Zero Trust Security against
Powerful Threats

Removes active content in attachments, such as malicious URL, JavaScript, Shellcode, to response to potential threats with zero trust security-based content disarming (CDR) technology.

Eliminates harmful content in email attachments and reconstruct closer to original file.
Proactively prevents the security threats such as malicious code, ransomware, and file-borne threats from infiltrating the email system.

Zero Trust Based CDR Result Screen

Proactively Block Unknown Attacks

DISARM Content Security (Threat Intelligence + Debugger Analysis + CDR) accurately and quickly detects and proactively blocks not only known security threats, but also unknown security threats that bypass standard Microsoft 365 security features.

Eliminates harmful content in email attachments and reconstruct closer to original file.
Detects the unknown security threats with no signature.
Detects security threats that evade detection.
Provides powerful defense against the sophisticated hacking attacks.

Reverse-engineering = Assembly Level Analysis

Debugger Analysis Process(Automated Reverse-engineering)

Cloud-based service that quickly integrates with Microsoft 365
(ICES: Integrated Cloud Email Security)

Efficiently manage the service by integrating with your Microsoft 365 account in minutes.

Quickly and easily integrate with Microsoft 365 without changing MX record values when subscribing to services (Using MS APIs)
Delivers a reliable service without losing emails.
Securely send and receive email within your organization.
Provides intuitive admin console UI making administrator to manage easily.

Integration Process with Microsoft 365

Key Features

Block Malware
Detect and diagnose malicious code and ransomware in various files, including executable and non-executable files.
Block Malicious URL
Extract malicious URL from attachments and email body to diagnose and block security threats.
Content Disarm and Reconstruction (CDR)
Proactively remove potential threats (malicious active content) from document files and convert them to safe files. (supports DOC/DOCX/DOCM/RTF, XLS/XLSX, PPT/PPTX/PPTM, PDF, image files, etc.)
Block Malicious Compressed File
Scan entire compressed files for malicious code. (Support ZIP, 7Z, ARJ, RAR, TGA,etc.)
Detect Malicious Password Protected
Diagnose spam and phishing email using artificial intelligence and machine learning-based technology.
Block Email Phishing Attacks
Notify recipients of risk if the sender has no recent email communication history.
Email Profiling
Analyze sender relationships to identify safe senders.
Secure e-mail communications within your organization
Enhance the security of the email that is sent and received within your organization.
Provide Admin Console
Provide an admin page where administrators can get a real-time view of their organization's mail flow.
Support Various Policies
Set policies based on your organization's needs, including email attachments, URLs in email body, URLs in attachments, and more.
Masking VIP Mail Information
Protect sensitive information by masking incoming mail information for specific internal users.
Support Threat Intelligence for Content Security
Provides threat intelligence to quickly respond to security threats by managing various content-based information.
Provide Content-based Threat Information
Provide detailed analysis information of non-executable files to malware analysis experts.
Block New or Variant Security Threats
Detect and block known and unknown security threats via reverse engineering-based debugger analysis.
Monthly Report
Generate reports at 31-day intervals for easy, at-a-glance visibility into your email flow.

DISARM Plans & Key Features

Make your Microsoft 365 exchange online service more secure with DISARM Content Security!
Enjoy first 30days free when you purchase today.

BASIC

- Block Malware
- Content Threat Intelligence Analysis
- Phishing Attack Protection
- Detect & Block Security Threats
- Block Malicious Threats in Email and Attachment

STANDARD

★ ZERO TRUST CDR

- BASIC Features
- Content Disarm and Reconstruction (CDR)
- Prevent Security Threats when Sharing Files

ADVANCED

★ CONTENT SANDBOX

- STANDARD Features
- Block Unknown Threats (Debugger Analysis)
- Content-based Threats Detailed Information
- Email Profiling

FAQ

Q. How does installing the DISARM Content Security service apply Zero Trust CDR to Microsoft 365?

DISARM Content Security service scans emails received by subscribers for the presence of malware and sanitizes attachments before delivering them to the inbox in Microsoft 365. Subscribers are informed that the content has been sanitized via a notification bar at the top of the email body. In the event that a subscriber receives a malicious email, they are notified of the detection results that DISARM Content Security quarantined.

Q. What if my organization already has Microsoft security in place?

Microsoft 365’s security features provide signature-based security (e.g., anti-virus, spam, etc.), which makes it challenging to detect and block “Unknown and new variants of malware or ransomware” (Unknown Threat) that bypass traditional security systems. In contrast, DISARM Content Security proactively detects and blocks both known and unknown security threats through proprietary ‘Assembly Instruction Analysis’ technology. Furthermore, DISARM Content Security’s CDR technology renders all business content (MS Office, HWP, PDF, JPG, PNG, etc.) harmless to cyberattacks, enabling subscribers to use a more secure Microsoft 365.

Q. Why should I choose DISARM when I can solve my security issues by subscribing to additional security services offered by Microsoft 365?

Although Microsoft 365 offers additional security features such as Microsoft Defender Plan 1 and Plan 2, it is limited to blocking the latest variants of hacking attacks. DISARM extends the coverage of Microsoft 365’s existing security layer to detect file-borne and unknown threats. If you have many digital file transactions in your Microsoft 365, DISARM will be the right solution to proactively prevent these threats.

Q. Are there any cases that are not detected by Microsoft 365, but are detected only by DISARM?

As shown in the figure below, DISARM exclusively detected a recent malicious phishing email that attempted to take over an account that passed as legitimate in Microsoft 365.