MetaDefender Core AMI

Protect Web Applications Deployed on AWS

Cybersecurity is of paramount importance to enterprises building out cloud infrastructure on Amazon Web Services (AWS). Under the AWS shared responsibility model, AWS customers are responsible for securing their content as well as their platforms, applications, systems, and networks that are deployed on the cloud. This is similar to the protections that organizations need to incorporate for their on-premises systems.

MetaDefender Core AMI (Amazon Machine Image) offers an advanced multi-layer security platform that prevents malicious traffic from infiltrating your AWS Cloud deployment and protects your mission-critical data from deliberate theft or inadvertent leakage and compromise.

Prevent. Detect. Respond

  • Scan all files uploaded to your web applications deployed on AWS by 30+ antivirus engines and block more than 99% of known malware.
  • Sanitize with industry-leading Deep CDR technology and remove 100% of potential threats.
  • Sensitive and confidential data in files can be blocked, redacted or watermarked before entering or leaving your applications.
  • Uncover vulnerabilities in installers, binaries or applications before they are installed and plug any security hole.
  • Monitor and secure all cloud workloads in real-time via Central management and an interactive dashboard.
  • Automated and actionable reports identify risks associated with users and services for quick remediation actions.
  • Configure workflow and analysis rules based on user, file source, and file type to meet your specific security requirements
  • Flexible deployment options: download and install MetaDefender on your existing AWS deployment or choose to deploy on Amazon Elastic Compute Cloud (EC2) with MetaDefender pre-installed.


Simple Deployment and Seamless Scalability

Each MetaDefender deployment will make itself available for processing within minutes after activation. Deploying OPSWAT Central Management will further reduce the deployment time as the licensed modules and engines will be cached and ready to deploy.

High-Performance and Reliability

By setting a health check and deploying MetaDefender in different Availability Zones with a load balancer in front of them, you can ensure uninterrupted service. Read detailed information in the AWS Deployment Guide.

Custom Policies and Workflows

You can create your own policies for Multiscanning and Deep CDR and customize multiple workflows to handle different security policies based on users, file sources, and file types.

Continuous Visibility and Control

A centralized real-time security status dashboard provides complete visibility into your assets and immediately alerts you to potential threats.

MetaDefender Core AMI provides comprehensive protection for your cloud assets

Prevent Zero-Day Attacks and Evasive Malware

Analyze and sanitize files residing in or transitioning through your AWS deployment using OPSWAT Deep Content Disarm and Reconstruction technology (Deep CDR).

Files are evaluated and verified to combat spoofed file attacks and detect seemingly complex files from posing as simpler files, with identification of over 4,500 file types. Each file is scanned to identify all embedded active content in the file, such as macros, hyperlinks and OLE objects. File extensions are examined to prevent seemingly complex files from posing as simpler files, and red-flagged for malicious content, alerting organizations when they are under attack.

Deep CDR supports sanitization for over 100 common file types, including PDF, Microsoft Office files, HTML as well as many image files. JTD and HWP files are also supported.

Maximum Known Malware Detection

OPSWAT Multiscanning technology leverages 30+ anti-malware engines, combining signature-based, heuristics-based, and machine learning detection methods. By combining the results of multiple scanning engines, you can significantly improve detection rate, reduce outbreak exposure times and achieve virtually zero exposure.

As shown in our Multiscanning test of more than 10,000 of the most active threats, we achieved over 95 percent detection with 12 combined engines, over 97 percent detection with 16 engines, and over 99 percent detection with 20 or more engines.

Single-source antivirus licensing through OPSWAT helps reduce overhead cost.

Prevent Sensitive and Secret Data Exposure

Aid compliance with data regulations and industry-standard security requirements for PCI, HIPAA, Gramm-Leach-Bliley, FINRA, etc. by using OPSWAT Proactive Data Loss Prevention (Proactive DLP). Our technology enables you to redact, remove, watermark, or block sensitive and confidential data in files. MetaDefender Core AMI can content-check over 70 file types for sensitive content, including:

  • Social Security Numbers
  • Credit Card Numbers
  • IPv4 addresses
  • Classless Inter-Domain Routing (CIDR)
  • Custom Regular Expressions (RegEx)
  • Secrets in text files (AWS, Microsoft Azure, and Google Cloud Platform)

Application and File-Based Vulnerability Assessment

Vulnerabilities associated with specific binary components are hard to detect with traditional vulnerability-scanning technology. Our patented technology (U.S. 9749349 B1) has collected and analyzed over one billion (and growing) vulnerable software data points from in-the-wild devices and used this data as a foundation for assessing vulnerabilities based on software components. It gives IT administrators the ability to:

  • Check certain types of software for known vulnerabilities before installation
  • Scan systems for known vulnerabilities when devices are at rest
  • Quickly examine running applications and their loaded libraries for vulnerabilities

Schedule a meeting with an OPSWAT technical expert to explore how to secure your cloud infrastructure