SaaS (software as a service) solutions are regarded as the backbone of modern business operations due to their cost-effectiveness, scalability, accessibility, and ease of use.
Unfortunately, the industry is facing an alarming number of cyberattacks: SaaS breaches increased by 300% in a timespan of 12 months, from September 2023 to the end of 2024.
Our customer, a leading SaaS provider with 700 million users worldwide, which powers virtually every creative and content-driven enterprise worldwide, recognized the seriousness of the situation.
The first issue was their centralized platform, where developers uploaded code, libraries, and dependencies, thus increasing the attack surface.
They also lacked security tools fast enough to keep up with the upload volume, so risks hidden in complex builds were missed.
Post-upload scans weren’t feasible either, as they would have slowed development and hurt competitiveness.
The customer chose MetaDefender Core to scan every file within uploaded software builds for potentially malicious content, detecting and sanitizing embedded threats such as malware, scripts, or exploit payloads before the files are accepted into the platform.
Through OPSWAT’s solutions, the customer ensured that all software builds were free of malware and vulnerabilities before reaching customers, all while preserving development speed.
Broad Attack Surface, Unfit Security Tools, and Workflow Bottlenecks
The customer had serious concerns regarding multiple aspects of their platform, current setup, and delivery speed.
- Expanded attack surface – since a single platform was used to upload all software builds for testing and release, thousands of files needed to be cleared of any vulnerabilities before reaching customers.
- Outpaced tools – there was a security setup in place, but it was overwhelmed by the speed and diversity of uploads. This exposed the entire platform to security risks, as files couldn’t be scanned at the same pace as software builds were uploaded.
- Workflow bottlenecks – because files were not scanned at the point of upload, security checks had to occur later in the process, introducing delays and increasing the risk of malicious files progressing deeper into the development workflow.
Eliminating Zero-Day Malware, Validating Third-Party Uploads, and Blocking Risky Dependencies before Testing
MetaScan Multiscanning
MetaScan Multiscanning allows you to scan files with over 30 anti-malware engines on-premises and in the cloud.
The more AV engines added, the greater the detection rates; with MetaScan Multiscanning, customers achieve detection rates greater than 99%.
Adaptive Sandbox
OPSWAT’s Adaptive Sandbox technology detonates evasive malware in a controlled environment, exposing malicious behavior and zero-day attacks within workflows.
File-Based Vulnerability Assessment
OPSWAT's File-Based Vulnerability Assessment technology detects application and file-based vulnerabilities before they are installed.
Our patented technology correlates vulnerabilities to software components, product installers, firmware packages, and many other types of binary files, which are collected from a vast community of users and enterprise customers.
All these solutions, delivered through MetaDefender Core, empowered the customer to:
- Scan every file within a software build with multiple anti-malware engines, ensuring no threat evades detection. These scans were focused on high-risk components like executables (Windows EXE, macOS DMG) and script files.
- Suspicious builds are “executed” in controlled environments using application emulation, which replicates the necessary conditions for malware to exhibit its behavior. This approach is critical for catching zero-day malware posing as legitimate code.
- Check all third-party libraries (e.g., npm, PyPI packages) against databases of known Common Vulnerabilities and Exposures. Risky dependencies are blocked before those builds proceed to testing.
Eliminating Blind Spots, Preserving Productivity, and Aligning to Global Security Standards
With MetaDefender Core, the customer can now scan entire software builds at the point of upload. This empowers them to validate thousands of files and ensure they’re safe to use, eliminating blind spots in file interactions.
The scans are automated, and they integrate seamlessly into the upload workflow, preserving developer productivity and release timelines.
With this system in place, releases are trusted as malware-free, and the customer can stay compliant with global security standards.
The customer’s concerns regarding cybersecurity were 100% valid, considering the current threat landscape.
Their diligence in empowering development teams to build secure products and services perfectly aligned with OPSWAT’s commitment to deliver market-leading technologies that protect critical environments.
If your company needs a strong partner in your threat prevention strategy, contact us today.