FAQ

Your existing conventional security solutions (such as ● Firewalls ● Antivirus ● Antimalware ● Secure Email Gateways/Mail Relays ● Web proxies ● Secure browsers ● EDR/XDR ● WAF ● Sandboxes) are focused on detecting known threats. Their prevention is limited to blocking and alerting. They cannot actively remove vulnerabilities from files and emails.

While Yazam solutions include the implementation of CDR (Content Disarm and Reconstruction) technology to provide an indispensable proactive layer of defense that these conventional solutions cannot.

Think of it this way:

• Traditional Security, based on Detection and Blocking, primarily focuses on detecting known malicious signatures, relying on the assumptions that threats are identifiable, and analyzing suspicious behaviors. The results are blocked files and emails, which harm customer productivity.

• YazamTech's technology, based on CDR (Disarm and Reconstruction), operates on a zero-trust model for files and emails. It attempts to detect, remove, or neutralize the malicious or suspicious content. It ensures only the good content is allowed through. By systematically dismantling and reconstructing files, it aspires to neutralize even unknown threats, zero-day exploits, and highly sophisticated embedded objects that might bypass your existing detection mechanisms.

In essence, CDR technology fills a critical gap by providing a foundational level of security for files and emails. It's not a replacement, but a vital complement that ensures malicious content is disarmed before it can ever execute or cause harm, significantly strengthening your overall security posture and safeguarding business continuity.

At YazamTech, our CDR (Content Disarm and Reconstruction) technology is engineered to preserve file functionality and integrity through a meticulous, proactive process.

Unlike traditional methods that might simply block the suspicious files and emails, or strip out all active content (potentially rendering it unusable), YazamTech's CDR employs a sophisticated reconstruction-based approach for every incoming file and email:

• Parsing: First, completely parsed, compared to the relevant standard.

• Deconstruction: Disassembled if needed into its most basic elemental components (such as embedded objects, images, code snippets, text, and metadata).

• Validation: Each individual component is then rigorously validated against its known-good specifications and established security policies.

• Sanitization: Any element that is anomalous, potentially malicious, or does not conform to the file's standard structure is precisely identified and removed. This includes hidden components, embedded exploits, and other non-standard content.

• Reconstruction: Only the verified, clean, and legitimate components are then used to reconstruct an entirely new, safe file. This newly built file retains the original's intended functionality, format, and visual appearance.

By building new clean files and emails from only the known-good elements, YazamTech's CDR technology ensures that:

• Functionality is maintained: Legitimate embedded objects and interactive elements are preserved as long as they adhere to safe file specifications, even if they are Macros and Scripts.

• Integrity is Guaranteed: The reconstructed files and emails are a perfect, clean version of the original, free from hidden threats, ensuring they behave exactly as expected.

• User Experience is Uninterrupted: Users receive fully usable and visually identical files and emails without delays or compromised content, fostering productivity and trust.

This proactive process means Yazam technology doesn't rely on detection, but ensures inherent safety, delivering files and emails that are ready for use with minimal risk.

YazamTech's Advantage: We are a specialized company for CDR implementation. Our singular focus allows us to:

• Innovate and Optimize CDR: We've dedicated our expertise to perfecting CDR technology, overcoming the challenges that include complexity, performance, and file integrity.

• Provide Best-in-Class Solutions: Because CDR technology is our core, we deliver purpose-built, highly effective solutions.

The results are obvious. Your existing conventional security solutions (such as ● Firewalls ● Antivirus ● Antimalware ● Secure Email Gateways/Mail Relays ● Web proxies ● Secure browsers ● EDR/XDR ● WAF ● Sandboxes) are focused on detecting known threats. Their prevention is limited to blocking and alerting. They cannot actively remove vulnerabilities from files and emails.

This is why our cyber protection technology is so special, unique, and valuable.

YazamTech's approach to cybersecurity stands apart through a combination of its core technological philosophy and specialized focus:

• Pure Prevention, Not Just Detection: Unlike most security solutions that react to known threats or suspicious behaviors, YazamTech's CDR (Content Disarm and Reconstruction) technology operates on a fundamental zero-trust principle for files and emails. We don't try to find the malicious; we guarantee the benign. Every file and email are deconstructed, sanitized to remove anything that doesn't belong (hopefully, even unknown threats like zero-days), and then perfectly rebuilt. This proactive neutralization is a distinct paradigm shift.

• Unrivaled Granularity and File Mastery: Our in-depth expertise in CDR technology means we go beyond surface-level analysis. We dismantle files to their most elemental components and understand the legitimate structure of an exceptionally wide array of file types – from standard Microsoft Office documents and PDFs to highly complex and nested files. This enables us to surgically remove threats while preserving crucial functionality, which is a common challenge for less specialized CDR solutions.

• Holistic Endpoint-to-Gateway Coverage: YazamTech provides tailored CDR solutions for every critical file entry point (by Emails, Browsers, Chat/Messaging, Directories, Removable Media, custom third-party applications, and even Managed File Transfer services). This comprehensive coverage ensures that wherever files interact with your network, they are subjected to the same rigorous sanitization process, closing gaps that other solutions might leave.

• Optimized for Seamless User Experience: While YazamTech solutions aspire to implement maximum security, our solutions are engineered to minimize operational impact. Files and emails are processed swiftly, ensuring users receive clean, functional files without disruptive delays or the need for constant human interventions. This balance of robust protection and consistent productivity is a key differentiator.

In essence, YazamTech's unique effectiveness stems from its dedicated focus on CDR technology's true preventive power, its deep understanding of files and emails architecture, and its ability to apply this advanced security seamlessly across an organization's entire digital perimeter.

Our CDR technology disarms and reconstructs files based on their legitimate specifications, removing only non-conforming or potentially malicious elements, thus preserving the usability of clean content.

The Yazam proprietary Engine, in-house development by YazamTech, is aware of the standards of more than 200 file types belonging to a wide range of family formats: Adobe Acrobat (PDF), Microsoft Office Word, Excel, PowerPoint and Visio, OASIS OpenDocument, Plain Text, Image, Audio, Video, Message, Extensible Markup (XML), Hyper Text Markup (HTML), JavaScript Object Notation (JSON), Archive, Macro, Script, Shortcut, Certificate Revocation List, Binary, DICOM, Bioinformatics, CAD-CAM, and more.

Our core advantages include:

• Learning threats and weaknesses constantly.

• Development of Proactive threat neutralization.

• Support broad file formats. Our dedicated CDR engines deal with more than 200 file formats,

• Adapt solutions for diverse environments. Our dedicated CDR solutions support files arriving via Emails, Processes, Directories, Removable Media, Third-party applications (APIs), and Managed File Transfer services.

YazamTech is constantly with 'Finger on the Pulse'.

The Yazam CDR Engine solution is designed to complement existing security solutions, enhancing overall protection by leveraging them with our unique CDR filtering technology.

The classic integration between the other security tools and the Yazam CDR Engine is done by adopting the Yazam API, which is applicable in a few protocols:

• Web Interface: allows access over the internet and supports access from non-Windows applications.

• DCOM: replaced COM+, best in Windows networks.

• ICAP: supported by manufacturers of security solutions, such as Secure Email Gateways/Mail Relays, Web proxies, and Secure browsers.

• Command Line Utility

Yazam Policy is the application that enables the security administrator to build CDR policies for the Yazam Engine.

Although the Yazam Policy contains many hundreds of functions, it is not complex to learn how to configure them optimally depending on the customer's needs, data sensitivity, and attractiveness to the enemy.

The Yazam Policy is designed with a friendly interface and presents online detailed help on the screen.

Encrypted files are numerous and widespread, and may contain malicious content. Popular encrypted file types are:

• PDF

• Microsoft Office: ● Word ● Excel ● PowerPoint ● Visio

• Archives: ● .zip ● .rar ● .7z ● .cab ● .wim ● .swm ● .tar ● .gz ● .tgz ● .bz2 ● .tbz ● .xz ● .txz ● .emz ● .kmz

Your existing conventional security solutions (such as ● Firewalls ● Antivirus ● Antimalware ● Secure Email Gateways/Mail Relays ● Web proxies ● Secure browsers ● EDR/XDR ● WAF ● Sandboxes) mostly ignore (bypassing) or block (quarantine) the encrypted files.

Yazam CDR technology, on the other hand, offers a superior solution for encrypted files compared to your existing conventional security solutions. The YazamTech CDR technology:

• Asks for casual passwords from the end user.

• Asks for permanent passwords from the administrator.

• Decrypts files.

• Filters only decrypted files.

• Quarantines encrypted files with missing or incorrect passwords.

• Re-encrypts files after the CDR filtering.

We develop a dedicated shortcuts filtering Engine which contains a few checks against malicious URLs:

• Our Yazam URL service is a repository of hundreds of thousands of updated hostile URLs that participate in Shortcut filtering. Each URL in the files should be compared with the URLs in this black-list.

• Forbidden Domains and URLs can be defined manually by the customer.

• Local links contain tens of programs that the customer can prevent.

URLs exist in many file types and should be extracted and sent to the Yazam URL filter. The specific Yazam CDR filters are known to find and extract URLs from many file families:

• Adobe Acrobat (PDF)

• Microsoft Office Word, Excel, PowerPoint, Visio

• Plain Text

• Extensible Markup (XML)

• Hyper Text Markup (HTML)

• Macro

• Script

• Shortcut

The Yazam CDR technology is designed for efficient processing to ensure a smooth user experience, often surprising users with minimal latency.

• Yazam's Engines operate on standard Windows servers and workstations, without any unusual prerequisites.

• Yazam Clients (Solutions) operate on standard supported Windows servers and workstations.

YazamTech offers flexible deployment options to suit various infrastructures, including on-premise, cloud-based, and hybrid environments, depending on the specific "Yazam" Client (Solution).

Currently, the Yazam CDR solutions contain:

• Yazam Emails: Active sanitization disarms cyber threats in emails (body and attachments) before they reach inboxes.

• Yazam Processes: Active sanitization disarms cyber threats for files that arrive and are saved by endpoint applications.

• Yazam Directories: Active sanitization to disarm cyber threats for files that arrived in network directories.

• Yazam Media: Active sanitization to disarm cyber threats for files arriving in removable storage devices.

• Yazam API: Active sanitization disarms cyber threats for files accepted by customer applications.

• Yazam MFT: Integrated active sanitization in the Managed File Transfer service disarms cyber threats for transferred files.

The Yazam solutions can be installed:

• On-premise and hosting.

• On Cloud

• Hybrid

The Yazam solutions can be supplied as:

• Private solutions.

• Service (SaaS)

• Non-Service (non-SaaS)

Using a fake extension may be an indication of malicious activity. There is no positive reason to create a file with a fake extension.

The Yazam CDR Engine automatically blocks any file whose name contains a fake extension. We don't have any motivation to filter files that have a fake extension.

There are several detection techniques for detecting fake file extensions. One of them is the 'True Type' checking. Simple detection techniques are not always accurate and have false positives.

Yazam CDR Engine utilizes the file parsing technique as the most accurate way to detect fake file extensions. Our deep content analysis examines the actual file structure, not just the extension, and effectively neutralizes this common evasion technique.

The "Yazam MFT" is a complete Managed File Transfer service, operated by YazamTech on the cloud, and suggests:

• The transformation layer: File transfer between organizations, both manually (using a website) and automatically (using SFTP), for both registered and guest users.

• The CDR layer: The Yazam CDR filtering engine is implemented in the core of the transformation layer, rather than simply being achieved by connecting an external CDR engine via API.

• Additional security components: Include end-to-end file encryption in movement, file encryption at rest, customer management, access control, logging, and alerting.