CSD’s core detection engine uses a proactive detection mechanism that is based on the ‘known good’ design principle (white-list). This means that everything on the website that is not part of the original page (known good) will be marked as potential malicious and process by a malware expert in the CSD Portal (dashboard). The proactive approach allows us to detect test cases of malware writers and update the detection engine accordingly before the actual attack emerges.