deep-File Inspection takes the file and reads it into memory,
inspecting the three distinct layers of the file:
- The Visual Content Layer – What users actually see when viewing or editing the file.
- The Active Content Layer – Hidden objects that execute actions inside or externally, e,g. Macros.
- The File Structure Layer – Framework of details that are defined in the file standard.
Remediation ensures a document’s structure is conformant with the specification for that file type. For example, the ISO32000 specification details the Adobe PDF file format and the ECMA-376 and corresponding ISO/IEC 29500 specifications detail the Microsoft Office Open XML file formats. The published specifications are what we call, ‘known good’.
Sanitisation is the removal of Active Content by policy, mitigating the risk of functional features in files. Sanitisation allows users to get the document features they need and strips out all the functions they don’t.