Cross-network file transfer
Inline analysis behind the network gateway for every file entering the internal network. Compatible with regulated-industry network separation mandates.
Wherever a file enters your network — cross-network transfer, document repository, web upload — SLF disarms non-executable document attacks at the point of ingress, before anyone clicks.
SLF inserts inline only at the points where files enter from outside. Internal systems stay untouched — the MARS engine engages only at the moment of file ingress.
Inline analysis behind the network gateway for every file entering the internal network. Compatible with regulated-industry network separation mandates.
Pre-screens files before ECM or DRM storage. Only clean originals land in the central repository.
Web application server (WAS) callback API integration for public-service, bidding, and procurement portals. Block, quarantine, or sanitize uploads in real time.
Integrates with mail server, file server, and SIEM over standard protocols. No changes to existing infrastructure.
Sits on the one-way data ingress into OT networks. Verified compatibility with industrial control environments.
Pre-screens incoming source code and libraries. Asynchronous queue processing keeps developers moving.
The MARS engine reverse-engineers the binary structure of non-executable files. It covers the three blind spots execution-based analysis misses — sandbox evasion, time-delayed triggers, and user-action triggers.
Identifies threats by disassembling the binary structure — without executing the file. Catches all three execution blind spots — sandbox evasion, time-delayed triggers, user-action triggers — and surfaces the document-borne threats sandboxes miss in HWP (Hangul Word Processor, Korea's standard document format), PDF, DOCX, and image files.
Strips macros, scripts, embedded OLE objects, and malicious links, then reassembles the document with the original layout preserved. Users receive a familiar file — minus the executable threat surface.
Sits behind the existing network gateway, mail server, or WAS in transparent mode. No routing, IP, or DNS changes; automatic bypass on failure eliminates the business-disruption risk.
Threats detected by SLF feed back into the ConTI platform, run through the KT AI pipeline, and redeploy as signatures and rulesets to every customer environment.
Inserted in transparent mode between external and internal networks. Traffic passes through unchanged — no routing, IP, or DNS modifications — while SLF inspects every file.
Figures pulled from the TTA GS Grade 1 benchmark test (200,000-file run) and field averages across 100+ deployments. Every number traces back to the source test report.
| Throughput | 49,000–315,000 files/day (HA configuration) |
|---|---|
| Avg. analysis time | 12.027 seconds (TTA GS Grade 1 benchmark · 200,000-file run) |
| Supported formats | 309+ formats (HWP, PDF, DOCX, XLSX, PPTX, images, archives, and more) |
| Sanitization speed | 34 ms per file average (SLCDR option) |
| Deployment | On-premises appliance (2U) · HA active-active |
| Integration | ICAP · SMTP · REST · Syslog · CEF · SAML 2.0 |
| Certifications | 100% APT detection (Korea Internet & Security Agency benchmark) · TTA GS Grade 1 · Common Criteria EAL2 · Korea public-procurement listed · designated innovative procurement item |
| Analyst recognition | Featured in Gartner CDR research as a Representative Vendor |
Processes 100,000 public-service portal attachments per day. WAS callback API integration keeps the false-positive rate under 0.1%.
Standard secure-transfer segment for cross-network file flow at a national ministry. Cleared regulator security suitability review.
Inline mail and file-server security for a finance environment. ConTI feedback loop blocks new variants before they spread.
Run a benchmark with your own files and samples. Deploys inline without changes to your existing infrastructure—results report typically within 3 days.