We utilize artificial intelligence for site translations, and while we strive for accuracy, they may not always be 100% precise. Your understanding is appreciated.
Home/
Blog
/
The Battle for the Organization's Gateway
While traditional security solutions focus on protecting computers during operation, OPSWAT offers a complementary solution targeting a key vulnerability: file entry from external sources via USB or downloads.
by
Assaf Levanon from TheMarker publication
Share this Post
In today's era, information security is not just a matter of technology—it is also about awareness. Every business, large or small, must think about cybersecurity and see it as an investment rather than an expense. With this understanding, OPSWAT emerged as a leader in protecting critical infrastructures. The company achieves this through innovative technologies that address complex cyber threats. Its goal is not only to detect and block threats but also to help organizations comply with stringent regulations, reduce risks, and protect critical systems intelligently and effectively.
Out of this vision came the MetaDefender Endpoint, designed to complement the existing and widespread security systems in organizations, such as antivirus and EDR (Endpoint Detection and Response). This product does not replace them but adds to them to address areas where these systems are weaker.
"The reason we say there's a need for an additional protection product is that there are places where traditional products fall short, leaving organizations less protected than possible," says Itay Bochner, Director of Product Management at OPSWAT. "MetaDefender Endpoint provides high-quality protection, especially for organizations' critical infrastructures. In particularly sensitive sectors—security, law enforcement, finance, energy, and healthcare—its necessity is acute. Not only does it enhance protection, but it also ensures compliance with regulatory requirements."
What Vulnerabilities Does the Tool Address?
"The first is the entry of files from external sources, such as removable USB drives and external disks. In most organizations, this is a less protected channel that doesn't get enough attention. Traditional products focus on analyzing the behavior of the endpoint during operation but place less emphasis on securing materials entering from external sources. We provide tools to monitor, block, and scan all files coming from such media. This reduces the likelihood of threats like ransomware or viruses spreading across the corporate network."
How Does It Work?
"We allow system admins to define three modes of operation. In the first, the end user connects the portable device, views its content, but any file they try to run is first scanned by MetaDefender Endpoint. Only after it is deemed clean can it be executed. The second mode completely blocks access to the removable device until it is fully scanned, after which it becomes fully accessible. These options cater to situations where scanning thousands of files might be time-consuming, especially if the user only needs one file. The third option is complete blocking of removable devices—nothing external can be accessed. This is common in security organizations or production networks disconnected from IT networks or the internet and connected only through ultra-secure methods."
Enforcing Information Security Policies
The second vulnerability addressed by MetaDefender Endpoint is external file downloads to the endpoint via browsers, software, and communication apps. Many corporate security systems struggle to monitor such downloads, but OPSWAT's tool intercepts files as they are downloaded and scans them in advance.
Bochner explains: "Our technology scans files, analyzes their contents, and neutralizes existing threats. This gives organizations full control over all external inputs—removable media and online downloads. We have clients who use segregated networks requiring data transfer via portable devices. Some companies even use their own pre-approved USB drives while blocking all others. Our product supports all these approaches."
MetaDefender Endpoint also assists organizations in complying with regulatory requirements, known as compliance. It sits on the endpoint and ensures adherence to the organization's security policies. "Findings are displayed clearly and graphically, with a compliance score. The organization can decide whether it meets its defined policy or not, and enforce security measures accordingly," Bochner emphasizes.
Using antivirus software typically offers a 45% threat detection rate. With MetaDefender Endpoint, that rate jumps to 99.39%.
Itay Bochner
Director of Product Management at OPSWAT
What Makes MetaDefender Endpoint Unique?
"The product is based on our unique Multiscanning technology, using approximately 30 antivirus engines from various companies we have licensing agreements with. Instead of relying on a single engine, we combine the knowledge of dozens of technologies, significantly increasing the likelihood of detecting infected files. Typically, antivirus software has a 45% chance of identifying a threat. Using MetaDefender Endpoint increases that to 99.39%. This sharp difference drastically reduces the chance of missing threats. Despite the increased detection quality, scan times are not prolonged, as multiple engines run simultaneously. Additionally, scanning is not performed on the endpoint but on our file scanning server, ensuring that even passive infected files never reach the system. They are first sent to our virtual environment for inspection before being approved for the endpoint."
Another significant advantage is its support for archive files, such as ZIP. "The product can open and scan all contents inside, unlike other antivirus engines that often skip them," Bochner adds.
OPSWAT also specializes in Deep CDR (Content Disarm and Reconstruction) technology, providing protection against Zero-Day attacks—new threats unknown to existing antivirus engines. "Our technology proactively disarms any potentially malicious content from incoming files, such as links or code, and rebuilds a clean, safe version for the user," explains Bochner. "This capability supports over 180 file types, including images, documents, AutoCAD files, and layered files."
Full Control Over System Inputs
MetaDefender Endpoint serves approximately 300 clients, primarily in the security, finance, and energy sectors. For example, Bochner recounts how a large healthcare organization with numerous remote clinics used the product to securely transfer data via portable devices. Similarly, an energy company with distant drilling facilities used the product to scan external technicians' devices, ensuring no malicious files entered their systems.
"One of the product's key advantages is its ability to help organizations meet their specific security requirements," Bochner clarifies. "Admins can define policies, such as mandatory OS updates, browser restrictions, or firewall activation, and the product monitors endpoints to ensure compliance. If deviations are detected, it raises flags and acts accordingly."
Not Just Another Security Software
When asked how MetaDefender Endpoint differs from other security tools, Bochner responds: "As someone with over 15 years of cybersecurity experience, including critical infrastructure protection and serving in the National Cyber Directorate, I can attest that there's nothing like MetaDefender Endpoint. It cannot be compared to traditional antivirus or EDR tools, which focus on real-time endpoint monitoring. We operate only when triggered by external inputs, ensuring security without unnecessary complexity or false positives. With MetaDefender Endpoint, organizations gain a solution that scans, analyzes, and neutralizes threats, providing full control over their systems."
About OPSWAT
For the last 20 years OPSWAT, a global leader in IT, OT, and ICS critical infrastructure cybersecurity, has continuously evolved an end-to-end solutions platform that gives public and private sector organizations and enterprises the critical advantage needed to protect their complex networks and ensure compliance. Empowered by a “Trust no file. Trust no device.™” philosophy, OPSWAT solves customers’ challenges around the world with zero-trust solutions and patented technologies across every level of their infrastructure, securing their networks, data, and devices, and preventing known and unknown threats, zero-day attacks, and malware. Discover how OPSWAT protects the world’s critical infrastructure and helps secure our way of life; visit www.opswat.com.
