OPSWAT Metadefender

Metadefender is a powerful and flexible security solution for ISVs, IT admins and malware researchers, providing simultaneous access to multiple anti-malware engines, heuristics, data sanitization and additional threat protection technologies residing on a single system.
At the heart of the solution, the Metadefender Core multi-scanning engine uses up to 40+ anti-malware engines to scan files for threats, significantly increasing malware detection.
Metadefender can be used to analyze a large database of files and provide extensive data points about which engines have detected each threat. It is also easy to use alongside other analysis software, including dynamic analysis solutions, to provide detailed contextual information about files.

Metadefender Core Components:

  • Multi-scanning - Maximum protection with over 30 anti-malware engines.
  • Data Sanitization - 90 data sanitization engines to prevent unknown threats
  • Vulnerability Detection - Detect and prevent known vulnerabilities from entering your organization
  • Heuristics - Leverage many heuristic engines to detect unknown threats
  • Archive Extraction - Fast and customized archive scanning for over 30 file types
  • File Type Verification - Block spoofed file types from entering your organization
  • Workflow Engine - Customize security policies for the handling of files and data
  • OESIS Auto Updates - Auto update engine for OESIS Framework libraries
  • Central Management - Track and manage multiple instances of Metadefender Core from one location
  • Additional Features:
    Robust APIs
    Metadefender Core exposes a rich set of APIs that can be used to build powerful multi-scanning and data sanitization features into existing solutions and security architectures. Our flexible integration options include both REST and COM, making Metadefender Core an attractive option for a variety of users. IT administrators make use of these APIs to build Metadefender Core into their network architecture alongside dynamic analysis solutions, file upload servers, and MFTs. Software developers at ISVs often utilize the APIs to integrate the extra security provided by Metadefender into their development processes. See our use cases for a range of anti-malware API solutions that can be created with Metadefender Core.
    The available APIs include basic methods for scanning a file and retrieving existing scan results using a SHA1, SHA256 or MD5 hash, as well as methods for rescanning files, downloading previously scanned files and retrieving the queue size. APIs are also available for retrieving statistics from Metadefender Core, including file type information, scan history, recent threats and server health.
    Offline Capabilities
    Metadefender Core is designed with the ability to deploy in offline environments. We provide mechanisms for downloading and distributing antivirus updates to any offline Metadefender Core servers so that the virus definitions can be kept up-to-date, even in secure, locked-down environments with limited or no network connectivity. This is important for air-gapped facilities that need to isolate their environment. In air-gapped environments, customers often use Metadefender Core with the Metadefender Kiosk to regulate the flow of data into the organization. Read the Metadefender Kiosk deployment options page for examples of offline deployment setups, or view our offline update configuration video to review the process in detail.
    All Metadefender Core packages also provide the ability to implement an in-house file scanning site, like our Metadefender demo, given certain technical requirements. This web interface feature can create a complete, static file scanning solution suitable for malware analysis in off-line or locked-down environments, allowing everyone with a web browser in your network to quickly determine the status of a file (clean or infected) as well as the particular threat identified (class of malware, name, engines that detected the threat).
    Performance
    Metadefender Core has multiple anti-malware scanning engines embedded within its framework at the API level. This means that scanning operations are executed from a single system with a high level of performance, which cannot be achieved by simply passing files to separate command-line or GUI based versions of anti-malware products. Anyone looking to integrate with an anti-malware solution created by Kaspersky Lab or Symantec via API or SDK will find Metadefender Core to be an ideal security solution.
    Central Management
    The Metadefender Central Management system provides an easy way to track and manage multiple instances of Metadefender Core within your network. With a simple, clear interface, Metadefender Central Management is a centralized console that allows you to view the managed engines on each installation, control online and offline updates, as well as check license and update status for each managed engine. Central Management runs on Windows as well as Linux.
    Flexible, Scalable Deployment
    Metadefender Core supports a variety of deployment needs with three versions:
  • On-premises, for situations requiring the utmost in privacy and control, including offline and air-gapped networks
  • In the cloud at Metadefender.com for easy access to more than 40 anti-malware engines
  • On-premises, Metadefender Core can be deployed on both Windows and Linux appliances. Metadefender Core supports many different 64-bit Linux distributions, including Debian, Red Hat Enterprise Linux, CentOS and Ubuntu. Metadefender Core for Linux provides enhanced security features as well as load balancing for high-volume scanning by deploying multiple scan agents with one Metadefender Core server. Metadefender Core for Linux can be used in high-availability deployments using Linux tools such as Heartbeat and Corosync.

    more...