DISARM logo

Content Security for Email

Protect users from phishing emails, ransomware,
email fraud (BEC) attacks, and more coming into Microsoft 365.

Make Microsoft 365 More Secure with Innovative Malware Prevention Technology

DISARM is a zero-trust, integrated cloud email security service that complements the native security features of Microsoft 365 to protect against even unknown threats.

Cyber attacks on corporate information have become increasingly sophisticated in recent years. Attackers are using email as an attack vector, making it difficult to proactively respond to malicious emails disguised as work documents.

Number of business email hacking attempts

annual
0 M
daily
0
cyber attacks icon

※ Source: MS Threat Intelligence 'Cyber Signal' 2023

Number of malicious URL phishing attacks

0
cyber attacks icon

※ Source: MS Threat Intelligence 'Cyber Signal' 2023

Percentage of attacks that use attached malicious document files

0 %
cyber attacks icon

※ Source: MS Threat Intelligence 'Cyber Signal' 2023

Microsoft 365 is good at stopping known threats, but it's difficult to defend against unknown threats. DISARM enhances the security of Microsoft 365 by blocking even advanced, sophisticated threats that evade Microsoft 365.

disarm microsoft 365 icon

Microsoft 365

Block only 'Known Threats' Block spam, bulk mail

disarm microsoft 365 plus
disarm microsoft 365 icon

DISARM Security

Remove active contents Block unknown and new malware variants and proactively block malware that exploits document vulnerabilities

disarm microsoft 365 arrow
disarm microsoft 365 arrow bottom
disarm microsoft 365 icon

Get a more secure Microsoft 365 email experence

DISARM quickly and accurately diagnoses malicious files attached to email, and
proactively removes potential threats from documents and delivers them in safe files.

icon virus mail

Email in Mailbox

progress bar
icon threat intelligence
icon point

Threat Intelligence

progress bar
icon debugger analysis
icon point

Debugger Analysis

icon scan file
Scan File
(Structure Analysis)
progress bar
icon reconstruct file
Analyze Active Content
progress bar bottom
icon analyze active content
Reconstruct File
progress bar left
icon extract active content
Extract Active Content
icon point

Content Disarm and Reconstruction

Detect Hidden Malicious
Code in Attachment

Eliminate Suspicious Threats in File

progress bar
icon safe mail

Safe Email

Detect Hidden Malicious Code in Attachment

icon virus mail

Email in Mailbox

progress bar bottom
icon threat intelligence
icon Threat Intelligence
icon debugger analysis
icon Debugger Analysis
progress bar bottom
icon scan file
Scan File (Structure Analysis)
progress bar bottom
progress bar
icon reconstruct file
Analyze Active Content
progress bar bottom
progress bar bottom
icon extract active content
Extract Active Content
progress bar bottom
progress bar left
icon analyze active content
Reconstruct File
icon point

Content Disarm and Reconstruction

progress bar bottom
icon safe mail

Safe Email

Proactively Detects & Block Unknown Threats

Key Benefits

Zero Trust Security against
Powerful Threats

Removes active content in attachments, such as malicious URL, JavaScript, Shellcode, to response to potential threats with zero trust security-based content disarming (CDR) technology.

  • Eliminates harmful content in email attachments and reconstruct closer to original file.
  • Proactively prevents the security threats such as malicious code, ransomware, and file-borne threats from infiltrating the email system.

Zero Trust Based CDR Result Screen

Zero Trust Based CDR Result Screen

Proactively Block Unknown Attacks

DISARM Content Security (Threat Intelligence + Debugger Analysis + CDR) accurately and quickly detects and proactively blocks not only known security threats, but also unknown security threats that bypass standard Microsoft 365 security features.

  • Eliminates harmful content in email attachments and reconstruct closer to original file.
  • Detects the unknown security threats with no signature.
  • Detects security threats that evade detection.
  • Provides powerful defense against the sophisticated hacking attacks.

Reverse-engineering = Assembly Level Analysis

Reverse-engineering = Assembly Level Analysis

Debugger Analysis Process(Automated Reverse-engineering)

Cloud-based service that quickly integrates with Microsoft 365
(ICES: Integrated Cloud Email Security)

Efficiently manage the service by integrating with your Microsoft 365 account in minutes.

  • Quickly and easily integrate with Microsoft 365 without changing MX record values when subscribing to services (Using MS APIs)
  • Delivers a reliable service without losing emails.
  • Securely send and receive email within your organization.
  • Provides intuitive admin console UI making administrator to manage easily.

integration process with microsoft 365

Integration Process with Microsoft 365

Key Features

  • Block Malware

    Detect and diagnose malicious code and ransomware in various files, including executable and non-executable files.

  • Block Malicious URL

    Extract malicious URL from attachments and email body to diagnose and block security threats.

  • Content Disarm and Reconstruction (CDR)

    Proactively remove potential threats (malicious active content) from document files and convert them to safe files. (supports DOC/DOCX/DOCM/RTF, XLS/XLSX, PPT/PPTX/PPTM, PDF, image files, etc.)

  • Block Malicious Compressed File

    Scan entire compressed files for malicious code. (Support ZIP, 7Z, ARJ, RAR, TGA,etc.)

  • Detect Malicious Password Protected

    Diagnose spam and phishing email using artificial intelligence and machine learning-based technology.

  • Block Email Phishing Attacks

    Notify recipients of risk if the sender has no recent email communication history.

  • Email Profiling

    Analyze sender relationships to identify safe senders.

  • Secure e-mail communications within your organization

    Enhance the security of the email that is sent and received within your organization.

  • Provide Admin Console

    Provide an admin page where administrators can get a real-time view of their organization's mail flow.

  • Support Various Policies

    Set policies based on your organization's needs, including email attachments, URLs in email body, URLs in attachments, and more.

  • Masking VIP Mail Information

    Protect sensitive information by masking incoming mail information for specific internal users.

  • Support Threat Intelligence for Content Security

    Provides threat intelligence to quickly respond to security threats by managing various content-based information.

  • Provide Content-based Threat Information

    Provide detailed analysis information of non-executable files to malware analysis experts.

  • Block New or Variant Security Threats

    Detect and block known and unknown security threats via reverse engineering-based debugger analysis.

  • Monthly Report

    Generate reports at 31-day intervals for easy, at-a-glance visibility into your email flow.

Plan & Pricing

Make your Microsoft 365 exchange online service more secure with DISARM Content Security!
지금 구매하시면 Enjoy first 30days free when you purchase today.

BASIC

Basic
$
36
.00
Per user/year
    • Block Malware
    • Content Threat Intelligence Analysis
    • Phishing Attack Protection
    • Detect & Block Security Threats
    • Block Malicious Threats in Email and Attachment

shadow

STANDARD

★ ZERO TRUST CDR
$
42
.00
Per user/year
    • BASIC Features
    • Content Disarm and Reconstruction (CDR)
    • Prevent Security Threats when Sharing Files


shadow

ADVANCED

★ CONTENT SANDBOX
$
60
.00
Per user/year
    • STANDARD Features
    • Block Unknown Threats (Debugger Analysis)
    • Content-based Threats Detailed Information
    • Email Profiling


shadow

BASIC

Basic
$
3
.50
Per user/year
    • Block Malware
    • Content Threat Intelligence Analysis
    • Phishing Attack Protection
    • Detect & Block Security Threats
    • Block Malicious Threats in Email and Attachment

shadow

STANDARD

★ ZERO TRUST CDR
$
4
.00
Per user/year
    • BASIC Features
    • Content Disarm and Reconstruction (CDR)
    • Prevent Security Threats when Sharing Files


shadow

ADVANCED

★ CONTENT SANDBOX
$
5
.50
Per user/year
    • STANDARD Features
    • Block Unknown Threats (Debugger Analysis)
    • Content-based Threats Detailed Information
    • Email Profiling


shadow

FAQ


DISARM Content Security service scans emails received by subscribers for the presence of malware and sanitizes attachments before delivering them to the inbox in Microsoft 365. Subscribers are informed that the content has been sanitized via a notification bar at the top of the email body. In the event that a subscriber receives a malicious email, they are notified of the detection results that DISARM Content Security quarantined.


Microsoft 365’s security features provide signature-based security (e.g., anti-virus, spam, etc.), which makes it challenging to detect and block “Unknown and new variants of malware or ransomware” (Unknown Threat) that bypass traditional security systems. In contrast, DISARM Content Security proactively detects and blocks both known and unknown security threats through proprietary ‘Assembly Instruction Analysis’ technology. Furthermore, DISARM Content Security’s CDR technology renders all business content (MS Office, HWP, PDF, JPG, PNG, etc.) harmless to cyberattacks, enabling subscribers to use a more secure Microsoft 365.


Although Microsoft 365 offers additional security features such as Microsoft Defender Plan 1 and Plan 2, it is limited to blocking the latest variants of hacking attacks. DISARM extends the coverage of Microsoft 365’s existing security layer to detect file-borne and unknown threats. If you have many digital file transactions in your Microsoft 365, DISARM will be the right solution to proactively prevent these threats.

As shown in the figure below, DISARM exclusively detected a recent malicious phishing email that attempted to take over an account that passed as legitimate in Microsoft 365.