Overview
OPSWAT MetaDefender Core Security Dashboard
The dashboard displays blocked threats and processed objects, with a donut chart summarizing file types detected by MetaDefender Core.
Note: This is a BYOL listing for MetaDefender Core. To inquire about a Private Offer, please contact us at apn-sales@opswat.com.
OPSWAT MetaDefender Core offers an advanced multi-layer security platform that prevents malicious traffic from infiltrating your AWS Cloud deployment to protect your mission-critical data from deliberate theft or inadvertent leakage and compromise. The solution combines superior malware detection with market-leading threat detection and prevention with multiscanning, broad file-type Deep CDR (Content Disarm and Reconstruction), and vulnerability scanning and reporting of installers, binaries or applications. MetaDefender Core offers flexible deployment options via AMI, along with support for containers and Amazon EKS. Integration is available via REST API for custom applications, as well as plug-and-play support for ICAP-enabled network appliances and enterprise storage solutions.
Highlights
- Quickly scan all files with top 30+ antivirus engines to detect over 99% of known malware.
- Recursively sanitize 100+ file types with market-leading Deep CDR technology to remove all potential embedded threats.
- Reliable, scalable solution to meet the needs of both small customers and large or complex enterprises.
Pricing
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Support
Vendor support
NOTE: Pricing displayed in the Pricing Section above is for illustration purposes only and varies depending on customer environment, requirements and other factors. Please contact us at apn-sales@opswat.com for more details.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Customer reviews
Advanced threat controls have secured endpoints and simplified safe device access to the network
What is our primary use case?
The use cases for MetaDefender involve checking an endpoint, such as a laptop or USB, to ensure that they are safe, clean, and meet security policy before they connect to the network. I can use it for malware and unknown devices' security status.
What is most valuable?
The best feature of MetaDefender is that it can isolate USB devices from the connected network, blocks malware and unsafe files, and ensures all endpoints follow security policy, so that my organization remains safe and reduces the risk of these threats.
I find MetaDefender effective when it comes to blocking or sanitizing content based on the policies in place because it removes hidden threats and scans devices and endpoints, protecting the environment against unknown and advanced attacks.
The integration of Multi-Scanning and Content Disarm and Reconstruction affects my data security operations positively as it is easy to integrate into my environment.
I find the multi-scanning mechanism and content disarm and reconstruction features beneficial for data security, as MetaDefender's endpoint creates a secure layer to protect my organization from threats and attacks.
The main benefits that MetaDefender brings include isolating USB devices from attacks, removing hidden threats such as malware and malicious attacks, and protecting against unknown and advanced attacks.
My impression of the detection rates provided by MetaScan Multi-Scanning is that they are good, as the scanning of MetaDefender removes hidden threats, detects known issues, and protects devices from unknown malware and attacks.
I assess the effectiveness of Deep CDR in reconstructing files safely without signatures. CDR used in MetaDefender effectively removes dangerous and unsafe attacks by taking a file, removing risky parts, and delivering a clean version to the user, as it removes scripts, hidden links, and malicious components.
I use Adaptive Sandbox Analysis and a sandbox to detect advanced threats, as it receives files, runs them in a VM environment, and discovers the behavior of these files, allowing safe files to return while blocking any that behave poorly.
I find that the features of MetaDefender are strong, and its work is effective for scanning and securing the environment from malware and operates well.
What needs improvement?
I am not using the expanded file type and archive coverage feature because I was unaware of it.
I am not using the enhanced reporting and audit visibility features, and I am unsure about them.
Regarding the reporting, analytics, and audit visibility, I cannot provide a comprehensive answer. I do not know if the audit requirements help me with deep enhanced reporting and audit visibility in MetaDefender.
I have not noticed any improvements in workflow automation with recent enhancements to policy orchestration and engine parallelization.
What I would like to see improved in MetaDefender includes reducing the high cost of the license, as the pricing is very high.
Functionality-wise, I find installation and setup very difficult, and I needed support to help me understand the setup of MetaDefender. The process requires good planning and understanding of the environment to configure it, as the integration with policies takes more time to build and requires more experience.
For how long have I used the solution?
I have been using MetaDefender for one year.
What do I think about the stability of the solution?
When it comes to stability, I find it stable as it maintains good external stability with good availability and no major issues. The setup is difficult, but generally, the product stability is good.
What do I think about the scalability of the solution?
I find it scalable, as more users can work smoothly without any crashing or slowing down.
How are customer service and support?
I evaluate customer service and technical support as good, as they respond in a timely manner.
Which solution did I use previously and why did I switch?
Before MetaDefender, I used EDR, which is the product that I used before switching to MetaDefender.
How was the initial setup?
The deployment process was difficult; I needed a vendor to help me because the setup of MetaDefender is complex.
What about the implementation team?
SIS helped me to deploy MetaDefender.
What was our ROI?
I believe it is worth the money, as it brings time-saving, cost-saving, and efficiency improvements, especially in large environments. However, in smaller environments, it incurs high costs. Overall, it is good because it has many features for scanning and cleaning the environment from malware and saves time.
What's my experience with pricing, setup cost, and licensing?
I do not find it cost-effective, as the costing is high.
Which other solutions did I evaluate?
I decided to switch to MetaDefender because Kaspersky could only detect malware but not take action, whereas MetaDefender detects and prevents threats simultaneously.
I chose MetaDefender because it is capable of adding multi-layered security that prevents threat detection and removes unknown threats, working without signature-based detection, which is beneficial.
What other advice do I have?
I recommend MetaDefender to others because it is effective, has high stability, and is beneficial for environments. I have rated this review a ten out of ten.
Advanced file sanitization has reduced email threats and saves SOC teams significant analysis time
What is our primary use case?
My main use case for MetaDefender is for our client's environment, which is using MetaDefender for their OT security or for their email side. All clients use MetaDefender, and it is especially great for Content Disarm and Reconstruction, which they want to leverage.
For example, one of our clients is using MetaDefender for their email gateway site as their mail gateways, scanning emails. Generally, they use MetaDefender's Content Disarm and Reconstruction property for that email scanning.
None of my customers are using the reporting and audit visibility features on MetaDefender platform.
Integrating multi-scanning and Content Disarm and Reconstruction positively affects my clients' data security operations, prioritizing security over potential delays experienced by end users.
What is most valuable?
The best features MetaDefender offers include its Content Disarm and Reconstruction, which is a key feature chosen by our clients because many other products claim to provide that functionality, but generally, they cannot do it as cleanly. Through Proof of Concept sessions with our clients and the OPSWAT team, they see that MetaDefender's Content Disarm and Reconstruction is strong, usable, and valuable for our customers, making them want to work with OPSWAT specifically for this feature.
For example, one of our customers was not using any Content Disarm and Reconstruction technology but was receiving emails containing PDF documents or XLSX documents, some with malicious content. MetaDefender's technology worked effectively, disarming and reconstructing PDFs to deliver clean copies to their users, while allowing their analysts to see the malicious code.
MetaDefender has positively impacted my clients' organizations by saving time for their SOC teams who were previously receiving false positives and unnecessary alarms from other products, allowing them to focus on analyzing real threats, which has led to fewer incidents.
For one of my clients, a major bank in Turkey, they reported saving approximately 30 percent of their SOC time on analyzing emails since implementing MetaDefender.
MetaScan multi-scanning feature is excellent because it provides multiple vendors for scanning. If one vendor fails, the others remain operational, ensuring continued protection.
Assessing the effectiveness of Deep Content Disarm and Reconstruction in reconstructing files safely and without signatures reveals it to be effective, as clients receive identical documents without changes other than the removal of malicious code.
MetaDefender's file-based vulnerability assessment analyzes binaries and installers for known vulnerabilities before they enter a network, providing a proactive defense that is highly valuable for our customers.
What needs improvement?
While MetaDefender's mail gateway already gives fewer false positives, there is still room for improvement in reducing those even further.
Additionally, MetaDefender could benefit from a better graphical user interface for administrators, making it more usable, although this is not an urgent need but an area for potential improvement.
For how long have I used the solution?
I have been using MetaDefender for three years.
Which solution did I use previously and why did I switch?
It was a fresh sell to our customers for MetaDefender, and I evaluated other options before choosing MetaDefender.
What was our ROI?
I have not seen a direct return on investment, but clients have noted that the product saves time and may reduce the need for fewer employees since the SOC team focuses on critical incidents as MetaDefender handles current analyses efficiently.
What's my experience with pricing, setup cost, and licensing?
Pricing, setup costs, and licensing are handled by my sales team, but feedback indicates that our pricing is better than other vendor solutions.
Which other solutions did I evaluate?
I can specify that my clients considered other options before choosing MetaDefender.
What other advice do I have?
I do not have anything else to add about how my clients use MetaDefender. My review rating for MetaDefender is ten out of ten.
File sanitization has blocked phishing payloads and now reduces manual incident analysis
What is our primary use case?
MetaDefender is used in one of our client environments where every file upload to their web portal goes through the scanning process. It scans using multiple engines and applies CDR before allowing the file into the system. This has helped us stop suspicious documents even before users interface with them.
With the increase in phishing and document-based attacks recently, this kind of file sanitization layer has become very important for us.
What is most valuable?
MetaDefender offers some of the best features such as multiple engine malware scanning, content disarm and reconstruction (CDR), deep file inspection, and strong API-based integrations. Deep file inspection is the feature I find myself using the most, as it helps in my workflow significantly. The multi-engine approach gives more confidence compared to relying on a single antivirus engine, especially for zero-day threats.
MetaDefender's effectiveness in blocking or sanitizing content based on policy is very strong. A combination of multi-engine scanning and CDR makes a big difference. It does not just rely on a signature; it enforces policy at the file level. Policies like blocking files with high-risk indicators, sanitizing documents with embedded macros, and allowing only clean files into the environment show its strengths. MetaDefender is very effective in sanitizing files without breaking usability. The integration of multi-scanning and Content Disarm and Reconstruction affects our data security operations. MetaDefender plays a very important role in today's threat landscape, which heavily uses documents and file-based payloads.
What needs improvement?
The UI can be more user-friendly, and initial steps and policy tuning take some time. Reporting can be improved as extracting detailed insights for management reports takes extra effort.
For how long have I used the solution?
I have been using MetaDefender for 1.5 to 2 years.
What do I think about the stability of the solution?
MetaDefender is stable. We have not faced major downtime.
What do I think about the scalability of the solution?
MetaDefender's scalability is excellent, as it handles larger volumes of file scanning without major issues.
How are customer service and support?
Support for MetaDefender is very responsive, though sometimes complex issues take time to resolve.
Which solution did I use previously and why did I switch?
We evaluated sandbox-based solutions and some email security tools, but MetaDefender's CDR approach was more practical.
What was our ROI?
MetaDefender has positively impacted my organization by reducing the risk of file-based attacks, which has significantly improved our overall defense against phishing and malware delivery techniques. We have seen around a 40% drop in malicious file incidents, and our SOC team is spending less time on manual file analysis now.
What other advice do I have?
MetaDefender is a very time-saving and effort-saving tool. I advise others looking into using MetaDefender to understand their file flow properly before deployment. If integrated correctly, it becomes a very strong layer against modern file-based attacks.
Threats in a file are cleaned before they reach the core, creating a silent shield in place. The SOC workload has reduced because fewer suspicious files reach analysis, and users do not complain much since files still open normally after sanitization. I would rate this review an 8.
Multi-engine threat analysis has boosted protection and now detects and sanitizes files effectively
What is our primary use case?
Our use case is for threat protection.
What is most valuable?
I appreciate the unique features of MetaDefender since it uses multiple scanning in a single engine. The scanning capability, which combines different antivirus and scanning engines integrated into a single engine by OPSWAT, is particularly valuable.
The integration of multi-scanning and Content Disarm and Reconstruction is truly helpful because we can utilize it in other products such as email integration with ICAP capability, and we are also using it in web scanning. The integration is flexible and perfect for our needs.
What needs improvement?
We are not yet using the expanded file type and archive coverage feature.
Enhanced reporting and audit capabilities are not fully utilized. We use only the simple reporting features, such as viewing viruses that were scanned and found, and how they were removed and disinfected.
At this time, I cannot determine specific areas where MetaDefender should improve because it is already nearly perfect.
For how long have I used the solution?
We have been using this solution for two years.
What do I think about the stability of the solution?
I can rate the stability at 10.
What do I think about the scalability of the solution?
One hundred users use the solution.
How are customer service and support?
The technical support can be rated at 9.5 from one to 10, with 10 being the best.
Which other solutions did I evaluate?
Comparing MetaDefender with other antivirus vendors, it is not comparable because of the unique features of using multiple scanning, which I cannot see in other products.
What other advice do I have?
The engine requires constant updates for analysis purposes, which is why we need to maintain it regularly.
The detection rate of MetaDefender is 99.99 percent. It is truly effective because although we are not relying on signatures for scanning, we rely on the behavior of threats, and they are perfectly removed or we are perfectly protected from that scanning. Even though it is not signature-based and scans based on threat behavior, that approach is effective.
We are using adaptive sandbox analysis. Using sandbox analysis helps describe the impact on analyzing any suspicious files and extends the capabilities for how to disinfect or detect threats. It helps us detect zero-day attack threats, so we are protected from that.
The effectiveness of the solution in blocking or sanitizing any content based on our policies is excellent.
I would recommend this product to other users. It should be integrated with AI for enhancement. I would rate this review at 10.
File sanitization has protected critical networks and prevents hidden malware from entering
What is our primary use case?
MetaDefender serves as a file security gateway that scans, cleans, and sanitizes files before they are allowed on the network, which stops malware, ransomware, zero-day attacks, and any kind of malicious files from entering the network.
For one of our partners, we were dealing with a large financial services business handling mortgage applications. When files were scanned into the network, every single file that was sent was then scanned by the multi-scanner, and if any contained even a slight amount of malware, we performed deep CDR file sanitization that removed everything that could be malicious and rebuilt the file.
The main use cases that we tend to see are all the antivirus engines as part of the multi-scan, and the second use case that is emerging frequently is file sanitization, also known as deep CDR.
What is most valuable?
In my experience, the best features MetaDefender offers include the number of different antivirus engines that can scan files through multi-file scanning, often using 20 to 30 engines, with the top premium package around 33 engines, capturing 80 to 90% of malware in all those files. If any engine detects malware, the file is blocked, which increases detection because different engines catch different malware.
When dealing with central government and defense, we find that if there is any kind of malware on the network or the file, whether that is a software file, hard disk file, or a pen drive, it cannot be allowed on the network. This is when we put it into the sandbox and perform file sanitization to ensure that nothing malicious comes into the network.
Whenever we are dealing with central government or defense contracts, MetaDefender's core philosophy of trusting no file means it scans files, rebuilds them, and verifies their reputation, ensuring they contain no malicious content. This positively impacts our organization by detecting malware and stopping any kind of data leaks through the network.
In terms of measurable outcomes across central government and defense, we are seeing saved time when files go through the antivirus file scanners. In financial services, such as with mortgage applications, the process sends files straight into MetaDefender file scanning that cleans out any malicious content.
What needs improvement?
I don't think there are many feature improvements needed; it's a great solution. The main thing is just the pricing because it's such a top-end enterprise product. For smaller partners with a customer base that isn't as affluent, the price can be a barrier, making it more of a 'nice-to-have' for their budgets compared to cheaper competitors.
For how long have I used the solution?
I've been using MetaDefender for just under 18 months.
What do I think about the stability of the solution?
MetaDefender is 100% stable, making it one of the best cybersecurity solutions we offer, which provides confidence in promoting and recommending it to others.
What do I think about the scalability of the solution?
MetaDefender's scalability is considerable. We handle vast amounts of traffic from banking, defense, and critical national infrastructure, ensuring that even one malicious file does not enter our networks.
How are customer service and support?
Customer support from OPSWAT is commendable. Their customer service team, distribution team, and regional sales managers provide excellent aftercare and set us up for upselling across the entire MetaDefender portfolio.
From a partner's perspective, the channel team and customer service have delivered strong support. I would rate it a nine because I have not interacted with customer support directly, though the support provided has been strong.
Which solution did I use previously and why did I switch?
We have not used a different solution. We focus on best-in-breed vendors, with OPSWAT being our chosen solution due to its effectiveness in the market.
What was our ROI?
I believe we see a return on investment through time savings and reduced need for unnecessary personnel. Having both cloud and on-premise solutions enables effective file sanitization and vulnerability detection while preventing attacks that save costs and protect reputation.
What's my experience with pricing, setup cost, and licensing?
Regarding pricing, setup cost, and licensing, I find the pricing for kiosks, cloud, deep CDR, and adaptive sandbox appropriate. We are seeking more service partners for OPSWAT's professional services to ensure smooth implementation.
Which other solutions did I evaluate?
Before choosing MetaDefender, we considered alternatives such as ReversingLabs but found their offerings to be inferior, especially for our defense and central government contracts, where OPSWAT stands out as far superior.
What other advice do I have?
To achieve a perfect score of 10, MetaDefender would need to cater to every partner's ability to sell. While the price is a consideration, the benefits of scanning, removing, detecting, and sandboxing outweigh it significantly.
I advise those considering MetaDefender to reach out to reseller partners for guidance on file sanitization and to explore setting up a proof of concept to see the value MetaDefender brings, with demos available directly on their website.
My overall rating for this solution is 9.