Real-time Malware Analysis for Embedded Content

OPSWAT and InQuest have partnered to offer our government and defense customers an in-depth malware detection and analysis tool. This exciting new combination of InQuest’s network session inspection and analysis capabilities, along with Metascan’s robust static analysis functionalities, enables the near real-time investigation of files coming into a network, including those with embedded content. 

Defense In-Depth

Threats from malware have become more complex and pervasive. Perimeter security defenses are no longer effective enough for securing networks from threats embedded within files and email attachments. The new partnership that pairs the InQuest platform with Metascan ensures that malware is unable to evade your defenses. Leveraging InQuest’s patent-pending identification and transformation of files coming into the network, and Metascan’s signature and heuristic-based ability to analyze files quickly, across many anti-malware engines, provides administrators with the in-depth defense necessary to detect new, complex attacks.

InQuest offers an innovative post-processing technique that, when applied to files and network sessions, provides an in-depth analysis of even the most creative combinations of obfuscation. Files that are deemed suspicious are then scanned via the Metascan integration, which quickly determines whether a file is malicious. Data on malicious files is then cataloged, and can be reported and tracked via the SIEM integration.

“The main benefit we see of using Metascan is that we are able to run files through up to 30 anti-malware engines locally, eliminating the risk of accidental leaking of confidential information to outside servers. There is no other commercial solution on the market that allows us to do that today. By integrating InQuest and Metascan, the customer now has the ability to automatically send all files received via HTTP or SMTP to Metascan, and see the results in real-time via the InQuest UI or syslog”, says Mike Arcamone, CEO and Founder of InQuest.

Detect and Prevent Threats

Metascan ensures that the platform can quickly scan files and email attachments with multiple anti-malware engines to detect and block threats. Combining up to 30 anti-malware engines from vendors such as Kaspersky Lab, Trend, Symantec, McAfee, ESET, and many others, Metascan’s multi-scanning technology significantly increases the rate of detection for all types of malware without the hassle of licensing, integrating, and maintaining multiple anti-malware engines. Engines that are integrated into the Metascan solution are optimized for fast, high performance, simultaneous scanning.

“Detecting and preventing threats has become increasingly difficult in large, complex organizations. We wanted to develop a solution that allowed rapid, in-depth analysis of files before they entered the network,” says Benny Czarny, CEO and Founder of OPSWAT. 

To find out more about this new solution, and the partnership between OPSWAT and InQuest, come by our booths at HP Protect 2014 in Washington, DC, September 8th – 11th. OPSWAT will be exhibiting at booth 303, and InQuest will be at booth 402.

Sign up for Blog updates

Get information and insight from the leaders in advanced threat prevention.