EN
Contact Sales Request a PoC

CDR SANITIZATION · SLCDR

Every file from the web,
delivered disarmed.

Don't detect — strip out anything that could be risky, without judgment calls. 34 ms per file. 309+ formats. Original layout preserved.

  • Standalone product
  • Add-on for SLF / SLE
Request a PoC Download whitepaper
SLCDR CDR sanitization engine
309+ Supported file formats
34ms Per-file processing time
100% Original layout preserved
6 Categories of threat elements removed

Detection vs. disarming — a fundamentally different approach.

Detection-based security blocks only what it recognizes. CDR neutralizes both known and unknown threats at the source.

Detection-based (legacy)

"Is this file malicious?"

  • Lets the file through when no signature matches
  • Defenseless against zero-day
  • Blocks only what it can identify
  • Vulnerable to sandbox evasion
CDR sanitization (SLCDR)

"Anything that could be risky — gone."

  • Strips every risky element regardless of signature
  • Neutralizes via structural disassembly
  • Reduces the threat surface to nothing
  • No behavior to observe — nothing to evade

Three attacks detection can't stop.

Sandbox-evasion attacks

Malware that recognizes the sandbox and stays dormant. Detection has to observe behavior; CDR never observes — so there's nothing to evade.

Time-delayed attacks

Malware designed to fire 24 hours after delivery — silent during detection, active later. CDR disassembles the file itself, so the execution moment is structurally removed.

User-action triggers

Malware that activates only on a specific page turn or click. CDR removes the trigger from the file structure — the condition can never fire.

Six categories of threat elements removed.

SLCDR strips six categories of threat elements from the file at the structural level.

Macros and scripts

VBA, JavaScript, PowerShell. Removes every auto-execute code path inside OOXML, HWP (Hangul Word Processor, Korea's standard document format), and PDF documents.

Embedded OLE objects

Extracts and removes embedded executables and external-link objects (Object Linking and Embedding) inside documents.

Malicious URLs

Embedded URLs in documents. Strips every link that would lead to malicious pages or drive-by downloads.

External data references

DDE and external XML references. Severs every connection that would call out to an external server when the file is opened.

Metadata and hidden data

Author information, edit history, Track Changes. Removes elements that risk exposing personal or internal information.

Threats inside archives

Files inside ZIP, 7z, and RAR. Recursively handles nested files, including password-protected archives.

Six-stage sanitization process.

From file intake to safe output — structural disassembly and reassembly remove the threat at the source.

  1. File intake

    Ingest via ICAP, REST, or SMTP standard APIs

  2. Structure parsing

    Disassemble CFB, OOXML, and PDF internal structures

  3. Threat identification

    Detect the six element categories — macros, OLE, URLs, external references

  4. Threat removal

    Precisely remove only the identified elements

  5. Document reassembly

    Restore original layout, formatting, and comments

  6. Safe output

    34 ms · identical look to the original

Specifications

Per-file processing time 34 ms (average)
Supported file formats 309+ formats (HWP, HWPX, PDF, DOCX, XLSX, PPTX, images, archives, and more)
Structure parsing Full support for CFB (OLE2), OOXML, PDF, images, and archives (ZIP, 7z, RAR)
Original preservation Layout, formatting, images, comments, and Track Changes preserved
Deployment On-premises appliance or cloud SaaS
Integration ICAP · REST API · SMTP · WAS callback
Standalone use Runs on its own without SLF or SLE
Certifications 100% detection rate (Korean cybersecurity agency benchmark) · TTA GS Grade 1 · featured in Gartner CDR research as a Representative Vendor

How it works

The moment a file passes through the SLCDR engine, its internal structure is fully disassembled and safely reassembled.

Deployment references

Trusted institutions across public-sector, finance, and insurance have chosen SLCDR.

Korea Insurance Development Institute (KIDI) Standalone CDR adoption

Strips risk elements from partner-submitted and citizen-submitted documents. 2M+ files per year. Reference deployment for standalone CDR sanitization.

  • 2M+ documents sanitized per year
  • 100% of externally submitted documents handled
DAOL Savings Bank Email attachment sanitization

Deployed email attachment sanitization for finance. Zero malware infections since launch.

  • All email attachments sanitized
  • Zero malware infections
National Health Insurance Service (NHIS) WAS callback API integration

100,000 citizen-submitted attachments per day. Web application server (WAS) callback API integration delivers full coupling with the business system.

  • 100,000 citizen documents per day
  • WAS callback API integration
POC · BENCHMARK READY IN 3 DAYS

Document security.
See it for yourself.

Run a benchmark with your own files and samples. Deploys inline without changes to your existing infrastructure—results report typically within 3 days.

Request a PoC Contact Sales
NDA upfront Government procurement approved Deployed across national ministries Common Criteria EAL2 certified