The fight against malware has become the epic duel of our generation, pitting businesses of all sizes against a never-ending stream of hackers and zero-day attacks bent on compromising security perimeters. The recent SolarWinds breach1 shows how much is at stake.
According to the Verizon 2020 Data Breach Investigations Report2, an estimated 94 percent of malware is delivered via email, with 90 percent of malware hidden in common file types such as PDF, Word, Excel, and Zip.
What is Content Disarm and Reconstruction (CDR)?
CDR describes the process of creating a safe copy of an original file by including only the safe components from the original file. The process offers a detection-less and streamlined solution that is notably different from common sandbox-based antimalware tools on the market.
At a granular level, CDR focuses on verifying the validity of the file structure on the binary level and disarms both known and unknown threats.
With CDR, most forms of malware, including zero-days, that are maliciously embedded in files in transit are sanitized and purged of malicious content. This ensures the end-user can access only malware-free content, while still maintaining maximum file functionality.
odix, an Israel-based cybersecurity company leading the way in content disarm and reconstruction technology, has developed a range of solutions to fully complement and strengthen existing Microsoft security systems. Through the addition of FileWall, a Microsoft certified Cloud Solution Provider (CSP) can easily improve email security within a few clicks.
FileWall’s granular type filter optimizes administrators’ malware protection abilities, allowing them to easily ensure only necessary file types can get through to the end-user, according to their varying file access permissions. The FileWall type filter leverages CDR technology to purge embedded and nested files. By adding the CDR process to Microsoft’s existing sandbox-based protections, customers are better prepared to defend against the threats of unknown malware.
odix’s FileWall solution was built from the ground up to fully integrate with the Microsoft Graph Security API, Microsoft Azure Sentinel, and Exchange Online. As a result of odix’s native-level integration with many of Microsoft’s core security mechanisms, FileWall’s deep file inspection capabilities don’t impact latency or compromise Microsoft’s native security protection. FileWall’s integration enables simultaneous reporting of malicious events and embedded suspicious content discovered within files to Microsoft Azure Sentinel.
In complex file scenarios, such as nested files and password-protected attachments, where traditional sandbox methods could miss threats or cause lengthy delays and disruption of business processes, FileWall relies on a detection-less process to remove unknown malware and block malicious parts embedded in files. FileWall provides near-instant sanitization and reconstruction of files with simple click deployment.
FileWall provides maximum security cooperation, allows for greater visibility of incoming files, and triggers an automated response from Microsoft Exchange Online to mitigate the impact of malware accordingly.
Protecting emails: FileWall’s granular type filter
The FileWall file type filter allows the Microsoft 365 system admin to define which file types are permitted to enter the organization and which should be blocked. This minimizes the attack surface the organization is exposing via email by eliminating the threat vectors available in certain file types.
The type filter has three main controls:
On/Off: Enabling or disabling the filter functionality on all file types.
Project mode (Whitelist/Blacklist): The ability to create pre-set lists of permitted and non-permitted file types for specific users of the organization.
Default sets: Suggested default policy by FileWall which includes 204 file types categorized as dangerous, including executable files (exe), Windows batch files (bat), Windows links (lnk), and others.
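The type filter and the CDR idea of building a safe copy from permitted components only, sketched for one container format as an added example (not odix's or Microsoft's code, and not a description of how FileWall is implemented): a ZIP attachment is rebuilt from the members the filter permits, recursing into nested archives. The function names, the three-entry block list and the sample archive are assumptions constructed for illustration.

```python
import io
import zipfile

# Constructed block list: exe, bat and lnk are the three types the page names.
BLOCKED = {"exe", "bat", "lnk"}

def permitted(name, mode, types):
    """Type filter: blacklist drops listed types, whitelist keeps only listed ones."""
    ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
    return ext not in types if mode == "blacklist" else ext in types

def rebuild_zip(data, mode="blacklist", types=BLOCKED, depth=0, max_depth=3):
    """Return (clean_bytes, removed): a new archive built from permitted members only."""
    removed, out = [], io.BytesIO()
    with zipfile.ZipFile(io.BytesIO(data)) as src, \
         zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as dst:
        for info in src.infolist():
            if info.is_dir():
                continue
            # Encrypted members cannot be inspected, so they are not copied.
            if info.flag_bits & 0x1 or not permitted(info.filename, mode, types):
                removed.append(info.filename)
                continue
            body = src.read(info)
            if zipfile.is_zipfile(io.BytesIO(body)):  # nested archive, by content
                if depth >= max_depth:  # refuse unbounded nesting
                    removed.append(info.filename)
                    continue
                body, inner = rebuild_zip(body, mode, types, depth + 1, max_depth)
                removed += [f"{info.filename}!{n}" for n in inner]
            dst.writestr(info.filename, body)
    return out.getvalue(), removed

def make_sample():
    """Constructed input: text file, .bat, and a nested ZIP carrying an .exe."""
    inner, outer = io.BytesIO(), io.BytesIO()
    with zipfile.ZipFile(inner, "w") as z:
        z.writestr("readme.txt", "inner note")
        z.writestr("tool.exe", b"MZ constructed placeholder")
    with zipfile.ZipFile(outer, "w") as z:
        z.writestr("report.txt", "quarterly numbers")
        z.writestr("run.bat", "echo constructed")
        z.writestr("bundle.zip", inner.getvalue())
    return outer.getvalue()

if __name__ == "__main__":
    clean, removed = rebuild_zip(make_sample())
    print(len(clean), removed)
```

Because nesting is detected by content rather than by extension, Office Open XML documents (which are ZIP containers) are rebuilt as well, so a whitelist has to include their inner part types.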
The sandbox can manage executables and active content. This allows the sandbox to work only on files that were not treated by FileWall. As most organizational traffic consists of non-executable files, this method can reduce sandbox load by 90 to 95 percent, lowering the total costs and improving the average latency.
As a native-level security add-on within Microsoft Exchange Online, with no SMTP relay involved, FileWall doesn’t harm productivity. Consequently, all FileWall settings should be configured to complement existing security protocols. FileWall’s speed in processing files is near-instantaneous for common file types.
odix is an industry leader in developing and optimizing CDR technology for the enterprise and small and medium business markets. odix’s flagship CDR add-on, FileWall, is available for direct purchase in the Microsoft marketplaces.
FileWall has already proven its worth in the field, providing best-in-class email protection in a broad range of IT and industrial settings. Clariter, a global clean-tech company, was seeking an additional security layer to enhance its email security systems and found FileWall the ideal solution. Read the full case study here.
To learn more about the Microsoft Intelligent Security Association (MISA), visit our website, where you can learn about the MISA program, product integrations and find MISA members. Visit the video playlist to learn about the strength of member integrations with Microsoft products.
To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.
1 SolarWinds hack was ‘largest and most sophisticated assault’ ever: Microsoft president, The Associated Press, February 14, 2021.
The post odix and Microsoft: Protecting consumers against malware attacks with free FileWall license appeared first on Microsoft Security.