Our customer's main product is a commercial search engine, offering contact and business information. Their platform provides real-time data and insights to more than 35,000 companies worldwide. While they don’t store sensitive or personally identifiable information, the data inside the client databases could still be weaponized in the event of a breach.
Our customer provides information such as work emails, phone numbers, office locations, etc. All of it can be used for targeted social engineering campaigns, spear phishing, or whaling. These attacks target either a specific group or high-level corporate officers with fraudulent emails, text messages, or phone calls. The more specific the data at their disposal, the more effective hackers are with their campaigns.
A Single Solution for All Compliance, Scalability, Efficiency, and Security Needs
Seamless Kubernetes (GKE) Integration and Strict Compliance
Our customer relies on Google Kubernetes Engine to simplify the deployment, management, and scaling of their containerized applications.
This meant that their cybersecurity solution needed to be highly available after the Kubernetes integration, as well as compliant with strict demands.
Balancing Scalability with Resource Efficiency
With customer-facing features such as file uploads and PDF scans, our customer needed a solution that could handle between 3,000 and 6,000 daily file scans. The solution also needed to be flexible enough to support scalability needs and to allocate resources efficiently, so that it wouldn’t hurt workflows.
Customizable Threat Detection
Customizing threat detection demanded adding engines like CrowdStrike or Sophos and preparing for future modules like Deep CDR. Our customer needed a solution that would allow for seamless adoption of new engines without cannibalizing resources.
Providing Advanced Threat Detection and Prevention while Fully Adapting to Client Needs
Recognizing both the imperative need to protect their data and the highly specific needs of their environment, our client implemented MetaDefender Core, combined with Metascan Multiscanning and Deep CDR technologies, into their security strategy.
Metascan Multiscanning
Metascan Multiscanning detects over 99% of known and unknown malware embedded in files.
Flexible file scanning provides real-time and on-demand protection, utilizing behavioral analysis, signature-based detection, and heuristics to detect and block unknown threats. Metascan utilizes a massive database of known virus signatures and heuristic algorithms to detect malicious code wherever threats emerge.
Deep CDR
Deep CDR sanitizes files in milliseconds, ensuring optimal security with uninterrupted workflows. It disarms unknown and zero-day threats by extracting potentially harmful scripts, embedded macros, and out-of-policy content from over 180 file types.
Deep CDR recursively sanitizes deeply nested file formats, and can be customized to integrate with gateways, WAFs (web application firewalls), and file upload platforms while maintaining operational efficiency.
It's also the first CDR technology to achieve a 100% protection and accuracy score from SE Labs.
With seamless integration into their cloud infrastructure, our solution offered:
- The high availability needed, achieved through MetaDefender Core Linux MAX Engines running across GCP instances for development, staging, and production.
- Advanced threat detection and risk assessment through Embedded Sandbox and File Vulnerability Assessment.
- Compliance with zero file persistence and private scanning requirements.
- Real-time monitoring without putting data at risk through the Syslog and DataDog integration.
Over 6000 Daily Scans without Compromising Workflow Efficiency or Data Compliance
OPSWAT’s trademark technologies met all of the client's cybersecurity requirements.
- Advanced scanning and sanitization eliminated file-borne threats before reaching critical environments.
- Successfully scaled to 6,000+ daily scans with efficient resource allocation in Kubernetes.
- Met internal governance, risk, and compliance (GRC) requirements.
- Produced audit-ready logs for both Splunk and DataDog environments.
- Purpose-built solution, designed to seamlessly adopt new threat detection engines and modules without costly rework.
When data is power, no environment is truly safe from malicious actors lurking around the perimeter.
Being a globally trusted, renowned SaaS company, the client couldn’t take any risks in terms of data privacy and security.
At the same time, they couldn’t compromise performance for unmanageable systems that would require constant rework for any updates.
MetaDefender Core provides impenetrable defenses against file-borne attacks, delivered upon a flexible architecture.