White Papers


Protecting Critical Infrastructure from Threats

Since most critical infrastructure facilities are isolated from external networks, administrators rely heavily on portable media to transport files to and from secure areas. Because of this dependence, these devices have become attractive attack vectors for malware writers seeking a way into a secure facility. While some organizations have gone to extreme measures, such as banning peripheral devices, these solutions can limit productivity.

Download the white paper to learn how defining and utilizing a secure data workflow can detect known threats on media devices and prevent unknown threats from entering critical infrastructure facilities.


Identifying Potentially Unwanted Applications

With an ever-changing threat landscape, certain software applications have become difficult to detect and define as a potential threat by anti-malware technologies. This type of application is commonly known as a potentially unwanted program (PUP) or a potentially unwanted application (PUA). While users may intentionally download PUAs to take advantage of the free features they provide, these applications can contain certain vulnerabilities that, when activated, can compromise the security of a device.

Download the white paper to learn about the ways to identify potentially unwanted applications and the best practices for determining whether a PUA is present on a machine.


Advanced Threat Detection for Remote Users

More and more employees, vendors and other business partners are working remotely in today’s business world, often using their own devices. As they increasingly request access to the network, system administrators face a greater challenge in ensuring that the network remains secure from unknown threats on remote devices. Advanced threat detection solutions are needed that provide assurance that remote users are secured, while still allowing quick and efficient connections for those users.

Download the white paper to learn more about how advanced threat detection solutions can be extended to remote users.


Advantages and Challenges of Multi-scanning

The argument for using multiple anti-malware engines is simple: there is no single anti-malware engine that is consistently the most effective at detecting malware. This reality has already led to the development of products such as Microsoft Forefront, Google’s Postini Services, OPSWAT’s Metascan, Cisco Systems’ IronPort, and other solutions using multiple engines to scan content. However, the benefit of increasing detection rates by utilizing multiple anti-malware engines could come at a price. Challenges such as an increase in exposed engine vulnerabilities, performance degradation and increased false positives may overshadow the benefits.

This presentation will discuss the advantages of using more than one anti-malware engine in a security solution, and outline the associated challenges and limitations.

Download the presentation (PDF) »

View OPSWAT’s CEO delivering this presentation at AVAR 2011 in Hong Kong:


Detection of P2P Applications

A peer-to-peer (P2P) application, such as BitTorrent, Kazaa or Napster, is software in which clients communicate directly with each other over a common network. The application acts as both the client and the server. A common use case of a P2P application is file sharing. Simple file sharing has raised a lot of controversy and questions challenging the usage of P2P applications. One issue that has been raised is the legality of file sharing.

Many files that are shared between clients do not have the authorization of the copyright owner, making them illegal to transfer. Also, the bandwidth consumption of P2P applications has caused network delays for users. Computers running P2P applications are also vulnerable to data leaks, simply because important information can be easily transferred over a network that may not be tracked or monitored. P2P applications have caused concern among network administrators, forcing them to block P2P applications from gaining network access.

This document will outline two technologies for detecting P2P applications: client-based and network-based.

Download the white paper (PDF) »


C++ Superglue for Antimalware Applications

The growing number of anti-malware applications presents interoperability and security management issues to IT professionals and programmers seeking a common language to classify and manage anti-malware features.

Integrators conduct research into anti-malware application interfaces; this research is usually time-consuming and includes looking into DLL header files, the command-line interface (CLI), and the C++ or COM API (if available), as well as other techniques, such as modifying registry keys and monitoring files and processes.

This research is successful when the number of managed applications is limited to a few, but it becomes an engineering challenge as the number of applications to be managed increases. This paper addresses the challenges and opportunities surrounding application management.

Download the white paper (PDF) »


Network Access Control Technologies

Cisco, Microsoft and the Trusted Computing Group are battling to control the keys to locking untrusted endpoints out of networks. Whether you call the approach network access control, network admission control, network access protection, network node validation or trusted network connect, the premise is identical – systems should grant access to the network based on factors such as anti-malware protection level, personal firewall assessment, host and user authentication, location, and even time of day. This paper will:

  • Review network access control technologies delivered by Cisco, Microsoft, Trusted Computing Group and selected non-standard-based solutions such as Nevis Networks and ConSentry Networks.
  • Outline the partnerships between anti-malware companies and each one of the technologies, then outline the partnership process and the resources that would be required for each initiative.
  • Compare the processes and list the technical, business and marketing advantages and risks of implementing each network access technology partnership.

Download the white paper (PDF) »


