DISARM
Content Security for EmailProtect users from phishing emails, ransomware, email fraud (BEC) attacks, and more coming into Microsoft 365.
Protect users from phishing emails, ransomware, email fraud (BEC) attacks, and more coming into Microsoft 365.
Cyber attacks on corporate information have become increasingly sophisticated in recent years. Attackers are using email as an attack vector, making it difficult to proactively respond to malicious emails disguised as work documents.
Microsoft 365 is good at stopping known threats, but it's difficult to defend against unknown threats.
DISARM enhances the security of Microsoft 365 by blocking even advanced, sophisticated threats that evade Microsoft 365.
DISARM quickly and accurately diagnoses malicious files attached to email, and
proactively removes potential threats from documents and delivers them in safe files.
Removes active content in attachments, such as malicious URL, JavaScript, Shellcode, to response to potential threats with zero trust security-based content disarming (CDR) technology.
DISARM Content Security (Threat Intelligence + Debugger Analysis + CDR) accurately and quickly detects and proactively blocks not only known security threats, but also unknown security threats that bypass standard Microsoft 365 security features.
Efficiently manage the service by integrating with your Microsoft 365 account in minutes.
Detect and diagnose malicious code and ransomware in various files, including executable and non-executable files.
Extract malicious URL from attachments and email body to diagnose and block security threats.
Proactively remove potential threats (malicious active content) from document files and convert them to safe files. (supports DOC/DOCX/DOCM/RTF, XLS/XLSX, PPT/PPTX/PPTM, PDF, image files, etc.)
Scan entire compressed files for malicious code. (Support ZIP, 7Z, ARJ, RAR, TGA,etc.)
Diagnose spam and phishing email using artificial intelligence and machine learning-based technology.
Notify recipients of risk if the sender has no recent email communication history.
Analyze sender relationships to identify safe senders.
Enhance the security of the email that is sent and received within your organization.
Provide an admin page where administrators can get a real-time view of their organization's mail flow.
Set policies based on your organization's needs, including email attachments, URLs in email body, URLs in attachments, and more.
Protect sensitive information by masking incoming mail information for specific internal users.
Provides threat intelligence to quickly respond to security threats by managing various content-based information.
Provide detailed analysis information of non-executable files to malware analysis experts.
Detect and block known and unknown security threats via reverse engineering-based debugger analysis.
Generate reports at 31-day intervals for easy, at-a-glance visibility into your email flow.
How does installing the DISARM Content Security service apply Zero Trust CDR to Microsoft 365?
DISARM Content Security service scans emails received by subscribers for the presence of malware and sanitizes attachments before delivering them to the inbox in Microsoft 365. Subscribers are informed that the content has been sanitized via a notification bar at the top of the email body. In the event that a subscriber receives a malicious email, they are notified of the detection results that DISARM Content Security quarantined.
What if my organization already has Microsoft security in place?
Microsoft 365's security features provide signature-based security (e.g., anti-virus, spam, etc.), which makes it challenging to detect and block "Unknown and new variants of malware or ransomware" (Unknown Threat) that bypass traditional security systems. In contrast, DISARM Content Security proactively detects and blocks both known and unknown security threats through proprietary ‘Assembly Instruction Analysis’ technology. Furthermore, DISARM Content Security's CDR technology renders all business content (MS Office, HWP, PDF, JPG, PNG, etc.) harmless to cyberattacks, enabling subscribers to use a more secure Microsoft 365.
How do I install the DISARM Content Security service?
Simply select the subscription plan of your choice on the Microsoft AppSource "DISARM Content Security for Email" page and you're ready to go. For more information, visit the Microsoft AppSource "DISARM Content Security for Email" page.
Why should I choose DISARM when I can solve my security issues by subscribing to additional security services offered by Microsoft 365?
Although Microsoft 365 offers additional security features such as Microsoft Defender Plan 1 and Plan 2, it is limited to blocking the latest variants of hacking attacks. DISARM extends the coverage of Microsoft 365's existing security layer to detect file-borne and unknown threats. If you have many digital file transactions in your Microsoft 365, DISARM will be the right solution to proactively prevent these threats.
Are there any cases that are not detected by Microsoft 365, but are detected only by DISARM?
As shown in the figure below, DISARM exclusively detected a recent malicious phishing email that attempted to take over an account that passed as legitimate in Microsoft 365.
[Figure 1] Original malicious phishing email
[Figure 2] Account takeover page displayed after clicking on the URL in the email
[Figure 3] DISARM’s analysis result