Cloud security is under constant pressure as cyberthreats grow increasingly sophisticated. The average organization blocks 35 email-based threats per 1,000 emails daily, while global spending on cybersecurity solutions is expected to surpass $300 billion by 2026. For leading cloud-enabled security providers, balancing high throughput with precise threat detection is critical to maintaining client trust and operational efficiency.
A U.S.-based global provider of cloud-enabled security solutions faced this challenge head-on. Processing millions of files daily across their email and web security platforms, they struggled with the scalability and cost-effectiveness of traditional sandboxing tools. Existing solutions slowed under high volumes of productivity files—like PDFs, Office documents, and image attachments—hindering their ability to keep pace with growing customer demands.
Enter OPSWAT’s MetaDefender Sandbox: an adaptive, emulation-based malware analysis solution built to meet the speed, accuracy, and scalability demands of modern cloud environments. By integrating this next-gen technology, the company drastically reduced file processing times, enhanced detection accuracy, and cut operational costs—all while maintaining their commitment to exceptional cloud security.
Requirements for the New Solution
The company didn’t have to reach its conclusions alone. OPSWAT’s expertise and consultative support gave them a better understanding of how their challenges broke down, and allowed OPSWAT to tailor the solution to meet those challenges:
- Scalability to handle daily traffic and peak volumes across multiple geographic regions.
- Cost-Efficiency to avoid the prohibitive costs associated with VM-based sandboxing solutions.
- Accuracy and Speed for handling productivity files, such as PDF, Office files, and image attachments, with fast threat detection and minimal false positives.
- Cloud Compatibility for easy integration into the company’s existing AWS environment.
While the company explored various alternatives first, they ultimately decided to trial MetaDefender Sandbox from OPSWAT.
We needed a solution that could scale to meet our growing demands while keeping costs under control. Traditional sandboxing was effective but became unsustainable as our data processing needs grew.
Security Operations Lead
Implementing Next-Gen Malware Analysis
MetaDefender Sandbox was seamlessly integrated into the customer’s cloud-based pipeline to identify and block threats in email and web traffic. Leveraging multiple layers of analysis, including static, dynamic, and reputation checks, the sandbox quickly identifies threats in common attachment types such as PDFs, Office files, and images. The emulation-based approach enables the company to bypass resource-heavy VM analysis for over 80% of incoming files, reducing average scan times from several minutes to under 20 seconds—a time savings of over 70%. Additionally, this shift has led to a significant reduction in cloud processing costs, cutting operational expenses associated with VM-based sandboxing by approximately 60%.
These tangible improvements have not only enhanced their threat detection capabilities but also delivered measurable efficiency and cost savings at scale.
Integrating MetaDefender Sandbox into our pipeline was seamless. We were able to reduce analysis times dramatically, handling most files in under 20 seconds. This improvement allowed our team to focus on more critical threats, rather than getting bogged down by routine analysis.
Security Operations Lead
Deployment
A key aspect of their decision was that the company was able to quickly and easily integrate MetaDefender Sandbox with their existing cloud-based environment in AWS. With strict data privacy and security protocols in place, the company successfully integrated MetaDefender Sandbox directly into its cloud processing pipeline, adding it as a quick, dynamic analysis step that streamlined threat detection without compromising accuracy. This multi-layered approach involved the following sequential analysis stages:
- Antivirus Engines: Conduct quick static analysis.
- MetaDefender Sandbox: Provides a fast dynamic analysis, identifying potential threats with a verdict that quickly allows or restricts files.
This configuration enabled MetaDefender Sandbox to process the majority of files quickly, with only a small percentage moving to the slower VM-based sandbox if flagged for further investigation. The system was optimized for productivity files, the most common in business environments, significantly reducing the cost of threat analysis.
OPSWAT’s engineering team was incredibly supportive during the deployment process, working closely with our in-house teams to get the system up and running quickly. Their flexibility and expertise were invaluable in ensuring a smooth transition.
Security Operations Lead
Key Results
Since implementing MetaDefender Sandbox, the cybersecurity provider has achieved substantial improvements in performance, scalability, and cost-effectiveness, benefiting from:
- High Throughput: Processing up to 250,000 files per day in four AWS regions, MetaDefender Sandbox supports global scale with consistent performance and fast scan times (averaging 20 seconds per file).
- Cost Savings: With MetaDefender Sandbox reducing the reliance on costly VM-based sandboxes, the company has seen substantial reductions in their operational costs.
- Enhanced Detection Accuracy: False positives have decreased, with MetaDefender Sandbox leveraging machine learning to self-correct over time. This capability has allowed the company to maintain high detection efficacy with minimal manual intervention.
- Improved Efficiency: The company now blocks threats earlier in their pipeline, reserving VM-based analysis only for high-risk files, resulting in faster overall processing times and reduced manual workload for security analysts.
- Increased Productivity: MetaDefender Sandbox’s faster threat detection freed up valuable time for the company’s security analysts, greatly reducing their overall workload.
By reducing our reliance on VM-based sandboxing, we cut costs by over 80%. MetaDefender Sandbox provided a faster, more accurate detection layer that didn’t sacrifice security performance, even at peak volumes.
Security Operations Lead
The company also reported that deployment and scaling efforts were supported effectively by OPSWAT’s engineering team, who collaborated closely with their in-house DevOps and security engineers to deploy MetaDefender Sandbox under a compressed timeline.
The reduction in false positives has been a game-changer for our analysts. MetaDefender Sandbox’s accuracy allowed us to maintain high detection efficacy with minimal manual intervention, improving our team’s overall efficiency.
Security Operations Lead
A More Secure Tomorrow
Following the success of MetaDefender Sandbox, the company is exploring additional use cases and plans to expand its integration across more products in their portfolio. They’ve seen the impact of MetaDefender Sandbox as a powerful anti-malware solution that enables more efficient analysis of incoming threats and are now considering deploying it across other business units. This expansion offers the potential to further amplify cost savings, operational efficiency, and scalability, as the solution continues to streamline threat detection across an increasing volume of files and diverse workflows.
With MetaDefender Sandbox, the cybersecurity leader can confidently provide customers with faster and more accurate protection against email and web-based threats, while reducing the operational complexities and costs traditionally associated with VM-based sandboxing. Their investment in OPSWAT’s solution reflects a commitment to maintaining a high-performance security stack that can evolve and scale as cybersecurity threats continue to grow. Looking ahead, the company anticipates that the broader implementation of MetaDefender Sandbox will unlock additional efficiencies and drive sustained cost reductions, ensuring they remain agile in addressing future challenges.
MetaDefender Sandbox has proven to be an essential part of our security stack, allowing us to scale up quickly as threat volumes increase. We’re excited to expand its use across more of our products, giving our customers even stronger protection against emerging threats.
Security Operations Lead
Experience the power of OPSWAT’s malware analysis capabilities for free: gain free access to advanced threat analysis tools and exclusive cybersecurity insights by joining the filescan.io community.