MetaDefender Core

Advanced Threat Prevention Solution

Cyberattacks become ever-more sophisticated. Cyberthreats are incessantly evolving and being built to evade traditional signature-based and behavior-based anti-malware defenses. Nowadays your IT and OT infrastructures need an advanced multi-layer threat prevention to beat zero-day attacks, advanced persistent threats (APT) and advanced malware.

MetaDefender Core enables you to integrate advanced malware prevention and detection capabilities into your existing IT solutions and infrastructure for better handling common attack vectors: securing web portals from malicious file upload attacks, augmenting cybersecurity products, and developing your own malware analysis systems.

Detect, Analyze and Eliminate Malware and Zero-day Attacks

  • Quickly scan all files with top 30+ antivirus engines and detect over 99% of known malware. 
  • Recursively sanitize 100+ file types with market leading Deep CDR technology and remove 100% of potential threats. 
  • Remove, redact or watermark sensitive data in files before it enters or leaves your network. 
  • Uncover vulnerabilities in installers, binaries or applications before they are installed and plug any security holes.
    • Monitor and secure all workloads in real-time via Central Management and an interactive dashboard.
    • Automated and actionable reports identify risks associated with users and services for quick remediation actions.
    • Configure workflow and analysis rules based on user, file source, and file type to meet your specific security requirements.

MetaDefender Core Features & Benefits

Prevent Zero-Day and Advanced Evasive Malware

MetaDefender Deep Content Disarm and Reconstruction (Deep CDR) technology protects from known and unknown file-borne threats by sanitizing and reconstructing files. Any possible embedded threats are neutralized while maintaining full usability with safe content.

Rebuild over 100 common file types, hundreds of file reconstruction options are available.

Achieve Over 99% Threat Detection Accuracy

MetaDefender Multiscanning technology leverages 30+ leading anti-malware engines and proactively detects over 99% of malware by using signatures, heuristics, and machine learning. This significantly improves detection of known threats and provides the earliest protection against malware outbreaks.

Prevent Data Breaches and Regulatory Compliance Violations

MetaDefender Proactive Data Loss Prevention (Proactive DLP) helps companies prevent sensitive and confidential information in files from leaving or entering the company’s systems by content-checking files before they are transferred. This helps enterprise meet regulatory requirements like HIPAA, PCI-DSS and GDPR.

MetaDefender Proactive DLP supports a wide range of file types, including Microsoft Office, PDF, CSV, HTML and image files.

Detect Application and File-Based Vulnerabilities

MetaDefender File-Based Vulnerability Assessment technology scans and analyzes binaries and installers to detect known application vulnerabilities before they are executed on endpoint devices, including IoT devices.

It gives IT administrators the ability to:

  • Check certain types of software for known vulnerabilities before installation
  • Scan systems for known vulnerabilities when devices are at rest
  • Quickly examine running applications and their loaded libraries for vulnerabilities

100+ File Conversion Options

Use the file type conversion functionality to flatten files to fewer complex formats. MetaDefender enables administrators to specify that certain file types are converted to other files types (e.g. Microsoft Word documents to PDF). By adding this step to the data processing workflow, zero-day attacks where malicious objects are embedded into office documents or image files can be eliminated, even if they have the ability to evade detection by antivirus engines.

4,500+ File Type Verification

With MetaDefender's file type verification technology, you can determine the actual file type based on the content of the file, not the unreliable extension to combat spoofed file attacks. You can also configure security processes based on true file type. For example, you can take more precautions with risky file types like EXE and DLL files —setting different policies or workflow rules based on file type.

A spoofed file usually indicates malicious intent, so to mitigate this risk, MetaDefender block files with incorrect extensions. For example, MetaDefender can preventing EXE or DLL files trying to pose as TXT files from entering your organization.

Archive Extraction

MetaDefender currently supports archive scanning for over 30 types of compressed files. Archive handling options are configurable, and encrypted archives are supported.

Benefits of Archive Extraction:

  • Improve detection capabilities of anti-malware engines by using both extracted and unextracted scanning
  • Decrease scanning time and improve processing time by removing redundant scanning of archives
  • Prevent archive bombs by extracting files and scanning them individually

Workflow Engine

MetaDefender’s Workflow Engine allows administrators to create multiple workflows to handle different security policies based on users and file source.

Benefits of the Workflow Engine:

  • Improve Security - The workflow engine allows you to set the appropriate security level per user and file type and enables IT to make quick decisions on data security policy.
  • Enhance Performance - By blocking certain file types and setting the order of file processing, performance can be enhanced.
“With MetaDefender’s Deep CDR, Upwork was able to prevent 100% of zero-day file attacks, compared to only 70% blocked by standard AV. All files with active objects are sanitized. 75% of files are processed and ready in less than a second and 99% in less than six seconds.”

Head of Security, Upwork

Why MetaDefender Core

Data Privacy Compliance

MetaDefender Core can be deployed on-premises which enables offline analysis of files. In the MetaDefender Cloud platform, your files will be processed privately in a temporary storage and removed immediately after the analytical report is finished.

Simple Deployment

Fast implementation both on-premises and in the cloud via REST API, Webhook or any Internet Content Adaptation Protocol (ICAP) enabled product. Support for both Windows and Linux.

Expert Professional Services

Access to cybersecurity experts to adapt the solution to your existing infrastructure and unique requirements. 24/7 support is available to keep operational at all times.

Centralized Management

From a centralized console, you can perform global operations, view all deployed anti-malware engines, manage virus definition and engine updates, and check licensing status.

High Performance and Scalability

Scale to any volume with our high-performance architecture and load balancing feature. Fast scanning and reconstruction without affecting performance.

Low Total Cost of Ownership

Single-source licensing through OPSWAT helps enterprises avoid complex, costly and time-consuming implementation and management of different vendors.

Use Cases

Protect Web Portals from Malicious File Uploads

MetaDefender Core prevents malicious file uploads on web applications that bypass sandboxes and other detection-based security solutions. It also helps protect confidential data, minimize data breaches, and prevent privacy violations with Proactive DLP.

Perform Malware Analysis Safely and Effectively

MetaDefender Core’s multi-layer malware detection and analysis technologies help you to quickly and effectively triage and respond to security incidents, find the root cause of cyberattacks, and improve your defenses. It can be deployed on-premises, enabling offline analysis of malicious files to keep sensitive files private and scan results confidential.

Enhanced Threat Prevention for Security Products

Use MetaDefender Core to reinforce your security solution with OPSWAT advanced threat prevention technologies. We provide sample code and detailed API documentation to help you bootstrap your integration. You can use almost any programming language to leverage MetaDefender technology with our APIs to help your developers get their prototypes done quickly without an additional learning curve.


Success Story

How Upwork prevented 100% of zero-day file attacks with MetaDefender, compared to only 70% blocked by standard AV

Teza Mukkavilli, Head of Security of Upwork, shares the story.

More success stories >

Schedule a meeting with an OPSWAT technical expert to learn how MetaDefender Core helps you protect your infrastructure