It's time to pivot from detection to prevention.
Rather than trying to detect malware, Zero Trust CDR works by extracting the valid data, verifying the information and then building brand-new data.
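The extract, verify and rebuild steps described above, sketched on a PNG image as an added example (not from the original page and not the product's code). The function names, the restriction to 8-bit RGB images and the sample file are assumptions made for this illustration.

```python
import struct
import zlib

SIG = b"\x89PNG\r\n\x1a\n"

def chunk(ctype, data):
    """Serialise one PNG chunk: length, type, data, CRC-32 over type+data."""
    return struct.pack(">I", len(data)) + ctype + data + struct.pack(">I", zlib.crc32(ctype + data))

def extract(blob, max_pixels=1_000_000):
    """Extract and verify pixels; example scope: 8-bit RGB, non-interlaced, filter 0."""
    if not blob.startswith(SIG):
        raise ValueError("not a PNG")
    pos, hdr, idat = len(SIG), None, b""
    while True:  # walk chunks; only IHDR, IDAT and IEND are used, all others are skipped
        if pos + 12 > len(blob):
            raise ValueError("truncated before IEND")
        length, ctype = struct.unpack(">I4s", blob[pos:pos + 8])
        body = blob[pos + 8:pos + 12 + length]
        if len(body) != length + 4 or zlib.crc32(ctype + body[:-4]) != struct.unpack(">I", body[-4:])[0]:
            raise ValueError("bad chunk")
        pos += 12 + length
        if ctype == b"IHDR" and length == 13:
            hdr = struct.unpack(">IIBBBBB", body[:-4])
        elif ctype == b"IDAT":
            idat += body[:-4]
        elif ctype == b"IEND":
            break  # bytes after IEND are never read
    if hdr is None or hdr[2:] != (8, 2, 0, 0, 0) or not 0 < hdr[0] * hdr[1] <= max_pixels:
        raise ValueError("unsupported or missing header")
    (w, h), stride = hdr[:2], 1 + 3 * hdr[0]
    try:
        raw = zlib.decompressobj().decompress(idat, stride * h + 1)  # bounded output
    except zlib.error as exc:
        raise ValueError("bad image data") from exc
    rows = [raw[i + 1:i + stride] for i in range(0, len(raw), stride)]
    if len(raw) != stride * h or any(raw[i] for i in range(0, len(raw), stride)):
        raise ValueError("unexpected size or scanline filter")
    return w, h, rows

def rebuild(w, h, rows):
    """Build a brand-new file from the verified pixels only."""
    raw = b"".join(b"\x00" + row for row in rows)
    ihdr = struct.pack(">IIBBBBB", w, h, 8, 2, 0, 0, 0)
    return SIG + chunk(b"IHDR", ihdr) + chunk(b"IDAT", zlib.compress(raw)) + chunk(b"IEND", b"")

def sample():
    """Constructed input: 2x1 image plus a text chunk and trailing bytes."""
    clean, iend = rebuild(2, 1, [bytes([255, 0, 0, 0, 0, 255])]), chunk(b"IEND", b"")
    return clean[:-len(iend)] + chunk(b"tEXt", b"Comment\x00MARKER-IN-METADATA") + iend + b"MARKER-AFTER-IEND"
```

Calling `rebuild(*extract(sample()))` returns a file with the same pixels and neither marker, because nothing outside the verified pixel data is copied across; input that fails verification raises `ValueError` and produces no output.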
Why Zero Trust CDR is Different
* Simply changing the malware in a small way can defeat signature-based detection
** Changing the behavior of the malware can defeat sandboxes
*** Malware that recognises it is running in a sandbox can avoid detection
† Putting malware in unchecked locations in the file can avoid removal
‡ The reconstruction in some implementations leaves content looking significantly different to the original