As of February 2026, MetaDefender Cloud will feature a new capability: Custom Workflows.
What’s New
We’re moving on from predefined processing, allowing our users to design workflows that can adjust file inspection and handling based on file attributes, security operations and organizational policies.
Integration-Specific Workflows
With this new feature, workflows can be defined based on integration type (for example API-only, MDSS + SharePoint, etc.). This way, customers will be able to decide how they want to perform the analysis.
File Type Controls
Users can now block unsupported or unwanted file types or configure file type mismatch detection, based on their security policies.
For example, they can perform scans to specifically detect .exe files renamed as .pdf, and block executables from infiltrating their infrastructure.
Finally, users can now block files with invalid structure, script objects, hyperlinks or invalid digital signatures.
Conditional Security Operations
Users looking for more flexibility in their security operations can now opt out of modules and enable/disable them on a case-by-case basis. With the new update, there’s no code needed to enable this option, as was previously the case.
As a result, users can set specific configurations for each engine. They can now also apply rules such as:
- Trigger sandboxing only if active content has been found by Deep CDR™ TechnologyTM;
- Trigger sandboxing only for certain responses from CDR
- Trigger sandboxing only for certain AV results, previously specified by the user
Advanced File Handling Rules
For more control on scans:
- files over a pre-defined size (set by the user) can be blocked
- recursion depth or child file count limits for archives can be set
- file hash can be used as a criterion for allowing/ blocking files.
Flexible CDR Options
CDR can now run in analysis-only mode, flagging active elements without sanitizing the file. Moreover, users can decide on various sanitization configurations, based on file type.
Enhanced DLP Configuration
For more specific DLP, users can now enable detection for sensitive identifiers such as IBAN numbers or SWIFT codes, as well as define custom PII patterns through regex.
Following this update, users can now adapt MetaDefender Cloud’s Proactive DLP™ technology to the specific data they’re handling.
Optimized Performance, Customized Security, & Consistent Processes Across All Use Cases
The new Custom Workflow feature comes with more granular security approaches, as well as consistent implementation across various use cases.
Customization & Flexibility
Users can now adapt file security processing to specific operational and compliance requirements.
Efficiency & Performance
Sandboxing can be applied only when needed, optimizing cost and processing time. The option to block large or malformed files early in the pipeline reduces resource usage.
Risk-Aligned Security
Users can now define infection probability thresholds for blocking or quarantine. To match the specific risk handling policies of their organization, our customers can layer security steps in sequence (scan → sanitize → sandbox) to match organizational risk handling policies.
Operational Scalability
For painless scaling, inspection policies can now be automated in a cloud-native, reusable workflow model. This ensures consistent enforcement across diverse integrations (SharePoint, OneDrive, API-driven, etc.).
Explore the Newly Released Custom Workflows
With this release, our customers can enjoy increased granularity, automation, and control, aligning MetaDefender Cloud’s inspection logic with their unique risk models, compliance requirements and integration environments.
