OPSWAT Announces FileScan.IO Asset Acquisition. Read More

Re-Blog: Three Questions You Should Ask Security Vendors

Before the 2015 RSA Conference back in April, Rafal Los wrote a piece titled, "Three Questions You Should Ask Security Vendors," in which he covers questions people should ask while attending the conference. We know RSA Conference has come and gone but as Black Hat is just around the corner, we thought it would be appropriate to answer Rafal's questions.

Black Hat 2013 conference floor - Image Credit: IT News

1. What business problem does this solve?

Before attending a security conference, it is important to think about what type of solution you are looking for and what your current needs are. Below, we have provided short summaries for four of our current products with details on how they solve specific security issues.


Our endpoint visibility platform, Gears, allows IT and security professionals to have visibility over the security status of both managed and unmanaged devices no matter where they are, what software they use or how they connect. Many organizations have a remote workforce or employees who bring their own devices to work. With so many devices to monitor, it's difficult and time-consuming for IT departments to keep track of their configuration and security state. The platform is also ideal for MSPs because it enables management of otherwise unmanaged software, like free antivirus and built-in encryption products. Gears makes it easy to view the security status of all devices from a single pane of glass or interact via open API, checking the status of 1000's of security applications, as well as identifying potentially risky behavior like the use of public file sharing services or persistent malware infections.


Our multi anti-malware scanner, Metascan®, harnesses the power of multiple anti-malware engines to detect and prevent threats at any point in your organization's work flow including during file uploads, email correspondence, downloading files (even while downloading files while browsing using Chrome or Firefox!). Along with these capabilities, Metascan also has a malware analysis tool for those looking to learn more about the detection of threats over time. Malware analysts can take advantage of up to 35+ anti-malware engines to research threats in binaries and analyze large databases of malware samples. In addition to providing advanced malware analysis tools, Metascan is able to prevent embedded threats such as those found in PDFs or Word files through its data sanitization capabilities.

Policy Patrol Security for Exchange

Policy Patrol Security for Exchange is an email security filter that helps organizations manage and secure emails for Microsoft Exchange Server. The software addresses the paint points of email use, including phishing, spam, malware, inappropriate use and confidentiality concerns. With its filtering capabilities, the risk of email-borne threats entering the organization or the leakage of confidential data is greatly reduced. Using Metascan, Policy Patrol allows organizations to quickly scan email attachments with multiple antivirus engines, detecting and blocking advanced malware threats in emails.


MetaDefender is the ideal solution for protecting organizations with high-security needs such as critical infrastructure or offline/air-gapped networks, military organizations, banks and public utility companies. MetaDefender, available for kiosks, tablets and other Windows machines acts as a checkpoint to scan portable media devices for threats. If a threat is found, the content can be blocked from gaining access to the facility. MetaDefender is powered by Metascan, which scans files for threats with multiple anti-malware engines. With this technology, organizations can define clear steps to detect, control, and sterilize digital data before it is transferred to the secure network.

2. Do I have the resources to plan, design, implement and operationalize?

It is crucial to assess the time and resources necessary to get a product up and running from the time of purchase to the time of first use. We strive to make all of our products easy to launch and maintain, preventing any additional burden from being put on you. Your day-to-day operations should be simplified, not complicated, by our products. To that end, our support team can address questions that come up during your implementation as well as once you are in production. If you want guidance on the implementation process, or even someone to implement everything for you, our professional services team can provide that service.

Additionally, our SaaS products are designed for ease of deployment, combining the usual advantages of SaaS with the convenience of open APIs. We understand that not every customer can be satisfied in a SaaS model, so we provide open APIs to ensure that each customer can make Gears and Metascan Online work for them, the way they want. Many of our products are easily integrated with other solutions, meaning you can still use existing technologies.

Furthermore, we strive to make all of our products easy to maintain and prevent any additional burden from being put on you. Day-to-day operations should be simplified, not complicated, by our products.

3. What task does this automate that my existing tools cannot do?

If you are going to purchase a security product, you should make sure that it has a high business value. Is this product worth the cost to your organization? How does the product help you to achieve your security goals?


Gears automates endpoint security auditing and compliance with policies, either your company's specific baseline or an industry mandate or regulations like HIPAA, PCI and FINRA/SEC. When combined with NAC (Network Access Control), SSL VPN or CASB (Cloud Access Security Broker) it automates enforcement by limiting access for non-compliant devices. Additionally it provides clear, concise instructions to users who are close to non-compliant or are already non-compliant, allowing them to often remediate their own PC (ideal for BYOD).


Metascan's multi-scanning technology automates the process of scanning with multiple anti-malware engines. By using both signature and heuristic scanning methods, it provides faster malware detection rates, including malware attacks targeting different operating systems such as Windows and Linux. We provide a single point of configuration, allowing you to leverage multiple scan engines on a single operating system. All third party licenses are included, which saves you the hassle of sourcing and managing licenses from multiple vendors; you only need to manage your Metascan license. We also have a free version of our Metascan product, Metascan Online, where you can scan files, IP addresses, and perform hash lookups. We just released a new stats page for Metascan Online where you can see detection rates for top threats for different anti-malware engines.

Policy Patrol Security for Exchange

Policy Patrol has many features that can save your organization time including blocking spam and phishing emails so you don't have to manually review them yourself, as well as automating email tasks such as redirecting and copying emails, sending auto replies, compressing attachments, changing reply-to addresses and centrally adding email signatures.


MetaDefender can save your organization time with its post-processing options for both allowed and blocked files that enable you to covert files from one type to another to remove potentially dangerous objects or embedded macros.

If you want to learn more about any of the products above or want a live demo of our newly released Metascan for Linux, please stop by booth 365 August 5th and the 6th at this year's Black Hat Conference in Las Vegas.

For more information, please contact one of our cybersecurity experts.

Sign up for Blog updates!
Get information and insight from the leader in advanced threat prevention.