Focusses on disarming the data so it can’t damage the system. Disarming data is expected to occur in the context where the data will be processed