CTO ブログ


July 22, 2020 by Mitchell Lau
Author: Vincent Lin, Director of Software Engineering at OPSWAT This document describes the application security program used at OPSWAT and covers the following topics:  What...

Deep CDR with higher quality

October 08, 2019 by Vinh Lam
Deep CDR (v5.6) quarterly release is now generally available (GA). This release includes significant improvements in the handling of Comma-Separated Values (CSV) formulas injection threats; support for new file types...

Proactive DLP is here

July 09, 2019 by Taeil Goh
DLP which stands for "data loss prevention" or "data leakage prevention" refers to technical solutions and processes employed by organizations to prevent exposing or sharing sensitive data with unauthorized users.  Implementing...

26 new file types support including Video, Email and more

April 03, 2019 by Vinh Lam
Overview We are excited to announce a major release, v5.4, of Data Sanitization (also known as CDR). With this release, we address two new use cases. The first protects isolated networks from threats borne by email messages on...

Data Sanitization against Remote Code Execution in LibreOffice (CVE-2018-16858)

February 25, 2019 by Vinh Lam
Overview LibreOffice is a free and widely used office productivity suite.  Several vulnerabilities were discovered in the past, in 2017 the number of CVEs increased significantly. In 2017, OPSWAT started...


December 28, 2018 by Taeil Goh
ハイライト Microsoft Office 2007ドキュメントに再帰的に埋め込まれたドキュメントを無害化カレンダーデータファイルの無害化: iCalendar (.ics), vCalender v1.0 (.vcs)EMF(拡張メタファイル)/WMF(Windows メタファイル)の無害化を強化高度なステガノグラフィ攻撃を防ぐための画像無害化を強化さらに多くの機能強化Microsoft Office...

Proof of Concept (PoC) Attack Leverages Microsoft Office and YouTube to Deliver Malware

November 26, 2018 by Vinh Lam
Researchers at Cymulate have discovered a way to deliver and execute malware through the Online Video feature in Microsoft Office Word (https://blog.cymulate.com/abusing-microsoft-office-online-video). Here we outline a brief summary of...
Sign up for Blog updates
Get information and insight from the leaders in advanced threat prevention.