- Solutions
File transfer involving secure environments is problematic. OPSWAT's secure transfer process delivers trust across the entire perimeter.
Products
Enterprises struggle with securing unmanaged devices. OPSWAT confirms every device complies with security policies and access is granted with trust.
Products
Cybercriminals frequently upload files through web apps to spread malicious content. OPSWAT combines anti-virus engines to detect the latest threats.
Products
Analyze files with all of the leading anti-malware engines through a single interface.
Products
The majority of malware continues to be initiated via email. OPSWAT Protects Your Organization Against Advanced Email Attacks.
Products
OPSWAT delivers zero-trust visibility, security, and control both inside and outside the traditional network environment with NAC solutions.
Products
Trust no file. Trust no device.AcademyAll 16 critical infrastructure sectors are increasingly at high-risk of cyberattack, yet tens of thousands of mission critical high-paying jobs remain vacant. The OPSWAT Academy was developed to address the CIP cybersecurity skills shortage through courses that promote best practices and a practical approach to successfully implementation in the most secure critical infrastructure environments.
The OPSWAT Academy consists of subject matter courses designed for the learner to build up their expertise using a phased approach.
For current OPSWAT customers, the Academy also includes advanced training courses for greater ease-of-use efficiency when operating and maintaining all OPSWAT products and services.
Available Certifications
Each discipline certification is awarded for one year upon passing the exams on that discipline's courses in OPSWAT Academy.
In order to maintain active OCIPA Certification, make sure you stay current on all OPSWAT's individual discipline certifications.
Trust no file. Trust no device.PartnersA Service that verified compatibility and effectiveness of endpoint next-gen anti-malware, anti-malware and disk encryption products.
Enhance threat prevention by integrating OPSWAT technologies. OPSWAT partners with technology leaders offering best-of-breed solutions with the goal of building an ecosystem dedicated to data security and compliance using integrated solutions.
Categories
Our partner program is aimed at providing the most effective and innovative products and tools to help accelerate your business.
Trust no file. Trust no device.CompanyTrusted by over 1,000 organizations worldwide to provide effective cyber security solutions.
Our products are trusted by over 1,400 organizations worldwide to protect their digital assets and keep their data flow secure.
We are always looking for intelligent and creative people with a passion for security to join our team. Join us to help protect worldwide Critical Infrastructure.
Find OPSWAT at trade shows and conferences to learn how our cybersecurity solutions can protect your organization against cyber attacks.
Announcements and perspectives on next generation cybersecurity, vulnerabilities, and the cloud.
Announcements and perspectives on next generation cybersecurity, vulnerabilities, and the cloud.
Trust no file. Trust no device.SupportWork with our product experts to ensure that you have the appropriate configurations, best practices, and proper training to take full advantage of the power of OPSWAT.
Create and manage tickets with OPSWAT Support, download products and version updates, and view your license information.
Trust no file. Trust no device.Trust no file.
Trust no device.
Threat Intelligence Feed
OPSWAT's threat intelligence feed enables organizations to leverage real-time malware data collected by the MetaDefender Cloud platform from all around the world. Organizations integrate our up-to-date threat intelligence into their existing tools or solutions to protect their infrastructure against threats.
Why Threat Intelligence?
Threat Intelligence starts with the collection of information. Since 2012, OPSWAT gathers malware data from a wide range of sources: free users, customers, our OEM community, and other cybersecurity vendors. The result is a massive online database of malware hashes and malware-related information that can be cross-referenced.
Threat Intelligence Benefits
- Prevention & Mitigation - Threat Intelligence provides info about the newest threats, in order to identify, prevent and mitigate them
- UpToDate - The feed is continuously updated to make sure your organization is protected from the latest threats
- Fortified Infrastructure - “Security products leverage threat intelligence capabilities to harden security measures
How Do SecOps Benefit from the Threat Intelligence Feed
- Adding context and priority to global threats in order to see beyond the typical attack lifecycle
- Enhance security and risk management infrastructure, by building proactive defenses, prioritizing alerts, and improving incident response
- Qualify threats disrupting business, based on file category, malware family and type
Getting Started
The Threat Intelligence Feed contains the latest detected malware hash signatures, including MD5, SHA1, and SHA256. Our feed is updated instantly with malware to provide actionable threat intelligence. Data is delivered in JSON format using REST API calls and is configurable using query parameters:
Integration example – consume our threat intelligence feed programmatically:
curl -X GET \
'https://api.metadefender.com/v4/feed/infected/latest?page=1' \
-H 'apikey: ${APIKEY}'
var request = require("request");
var options = { method: 'GET',
url: 'https://api.metadefender.com/v4/feed/infected/latest',
qs: { page: '1'},
headers: {
apikey: process.env.APIKEY
}
};
request(options, function (error, response, body) {
console.log(body);
});
import requests
import os
url = "https://api.metadefender.com/v4/feed/infected/latest"
querystring = {"page":"1"}
headers = {'apikey': os.environ["APIKEY"]}
response = requests.request("GET", url, headers=headers, params=querystring)
print(response.text)
require 'uri'
require 'net/http'
url = URI("https://api.metadefender.com/v4/feed/infected/latest?page=1")
http = Net::HTTP.new(url.host, url.port)
request = Net::HTTP::Get.new(url)
request["apikey"] = ENV['APIKEY']
response = http.request(request)
puts response.read_body
package main
import (
"fmt"
"net/http"
"io/ioutil"
"os"
)
func main() {
url := "https://api.metadefender.com/v4/feed/infected/latest?page=1"
req, _ := http.NewRequest("GET", url, nil)
req.Header.Add("apikey", os.Getenv("APIKEY") )
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := ioutil.ReadAll(res.Body)
fmt.Println(string(body))
}
$uri = 'https://api.metadefender.com/v4/feed/infected/latest?page=1'
$headers = @{}
$headers.Add('apikey', $env:APIKEY)
$result = Invoke-WebRequest -Uri $uri -Headers $headers -UseBasicParsing
Write-Output $result.content
Available query parameters (all optional):
- page – selects the page of the feed to be retrieved, containing 1,000 threats. If omitted, defaults to the first page
- category - only include files of a certain category, like documents or APKs. See the documentation for a full list of categories
- date - the feed can be queried to return hashes from up to one year. Defaults to today
Threat Intelligence Feed Versions
| Features | Free | Commercial |
|---|---|---|
| Threat Name | ✓ | ✓ |
| File Type | ✓ | ✓ |
| Category | ✖ | ✓ |
| Historical Data | ✖ | Up to one year |
| Malware Signatures | 1,000 | Unlimited |
Log into your portal account or register if you don’t have an account to receive a MetaDefender Cloud API key. For more developer options, please see the API documentation here.