As part of our commitment to society, our people and the environment, OPSWAT Inc. completes a thorough assessment of its business sustainability practices every year through EcoVadis. The EcoVadis assessment includes 21 sustainability criteria accross four core themes: Environment, Labor & Human rights, Ethics, and Sustainable Procurement. In our latest EcoVadis rating, which was issued on July 29, 2024, we earned a "Committed" badge which demonstrates our progress toward sustainability

OPSWAT has achieved ISO 9001:2015 Certification to support the quality management system (QMS) supporting the definition, design, development, production, and maintenance of OPSWAT product and support offerings. The certification was performed by Schellman & Company, LLC, an ANAB accredited Certification Body based in the United States.

In accordance with the statement of applicability, version 1.7, dated August 19, 2024, OPSWAT maintains ISO/IEC 27001:2013 certification scoped to the information security management system (ISMS) supporting the management of the infrastructure and services (information, software, databases, hardware, and employees) used to support the following services:

• MetaDefender Cloud
• MetaDefender IT Access

Note - Please note that effective March 26, 2025, MetaDefender IT Access has been rebranded to My OPSWAT Central Management. To learn more about the rebranding, please see the Release Note for My OPSWAT Central Management and the Product Rebranding Note For MetaDefender IT Access.

SOC for Service Organizations reports are designed to help service organizations that provide services to other entities, build trust and confidence in the service performed and controls related to the services through a report by an independent CPA. SOC 2 controls are evaluated at a Service Organization that is relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy related to systems the service organization uses to process users’ data and the confidentiality and privacy of the information processed by these systems. OPSWAT has been evaluated to SOC2 certification for MetaDefender Cloud and MetaDefender IT Access services by Schellman & Company, LLC.

Please note that effective March 26, 2025, MetaDefender IT Access has been rebranded to My OPSWAT Central Management. To learn more about the rebranding, please see the Release Note for My OPSWAT Central Management and the Product Rebranding Note For MetaDefender IT Access.

SOC for Service Organizations reports are designed to help service organizations that provide services to other entities, build trust and confidence in the service performed and controls related to the services through a report by an independent CPA. SOC 2 controls are evaluated at a Service Organization that is relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy related to systems the service organization uses to process users’ data and the confidentiality and privacy of the information processed by these systems. OPSWAT has been evaluated to SOC2 certification for MetaDefender Cloud and MetaDefender IT Access services by Schellman & Company, LLC.

Please note that effective March 26, 2025, MetaDefender IT Access has been rebranded to My OPSWAT Central Management. To learn more about the rebranding, please see the Release Note for My OPSWAT Central Management and the Product Rebranding Note For MetaDefender IT Access.

Common Criteria is an international standard for evaluating and certifying the security features of information technology products. EAL based Common Criteria evaluations focus on internal processes and design documentation and EAL is an indication of the level of process applied to the product and vendor being evaluated.

The following OPSWAT products have completed an EAL evaluation and are certified under Common Criteria:

• MetaDefender Optical Diode
• MetaDefender Unidirectional Security Gateway

The following OPSWAT products use third-party hardware components that have completed an EAL evaluation and are certified under Common Criteria:

• MetaDefender Kiosk
• MetaDefender Transfer Guard
• MetaDefender Industrial Firewall
• MetaDefender OT Security
• MetaDefender OT Access

MetaDefender® Core Platform was evaluated by an independent third party and determined to be compliant with Web Content Accessibility Guidelines (WCAG) 2.1 levels A and AA, the Revised 508 Standards, and the EN 301 549 Accessibility requirements for ICT products and services, versions 3.1.1 and 3.2.1 as of September 18, 2023.

For more information, please see the Voluntary Product Accessibility Template (VPAT) for MetaDefender® Core Platform.

OPSWAT products marketed in the European Union comply with all applicable European Union (CE) directives if such products have a CE marking. As detailed in the applicable product documentation and user manuals, the following OPSWAT products currently bear the CE mark: 

• MetaDefender Optical Diode
• MetaDefender Unidirectional Security Gateway
• Metadefender Bilateral Security Gateway
• MetaDefender Industrial Firewall
• MetaDefender Media Firewall

The following OPSWAT products include third-party hardware components that bear the CE mark, as described in our product documentation:

• MetaDefender Kiosk
• MetaDefender Transfer Guard
• MetaDefender OT Security
• MetaDefender OT Access

FCC Part 15 Rules set limitations to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. Certain OPSWAT products have been tested and verified to comply with part 15 of the FCC Rules. Please review the applicable product documentation to understand the the limitations and use instructions for each OPSWAT product bearing the FCC mark, including:

• MetaDefender Optical Diode 1U
• MetaDefender Optical Diode Din Rail
• MetaDefender Optical Diode CE
• MetaDefender Unidirectional Security Gateway
• Metadefender Bilateral Security Gateway
• MetaDefender Industrial Firewall
• MetaDefender Media Firewall

The following OPSWAT products include third-party hardware components that bear the FCC mark, as described in our product documentation:

• MetaDefender Kiosk
• MetaDefender Transfer Guard
• MetaDefender OT Security
• Metadefender OT Access

The UKCA (UK Conformity Assessment) mark, as seen on certain OPSWAT Products placed on the market in Great Britain (England, Scotland, and Wales), indicates that the product meets the necessary requirements under relevant UK legislation. Currently the following OPSWAT products bear the UKCA mark, as described in our product documentation:

• MetaDefender Optical Diode 1U
• MetaDefender Optical Diode DIN Rail
• MetaDefender Unidirectional Security Gateway
• MetaDefender Bilateral Security Gateway
• MetaDefender Transfer Guard
• MetaDefender Industrial Firewall
• MetaDefender Media Firewall

The following OPSWAT products include third-party hardware components that bear the UKCA mark, as described in our product documentation:

• MetaDefender Kiosk
• MetaDefender Transfer Guard
• MetaDefender OT Security
• MetaDefender OT Access

The UL (Underwriters Laboratories) Mark, as seen on certain OPSWAT products, indicates that the product carrying the UL mark has undergone testing and evaluation to ensure it meets certain safety requirements, such as those for electric current, fire safety, and other relevant areas. Currently, the following OPSWAT products bear the UL mark, as described in our product documentation:

• MetaDefender Optical Diode 1U
• MetaDefender Optical Diode DIN Rail
• MetaDefender Unidirectional Security Gateway
• MetaDefender Bilateral Security Gateway
• MetaDefender Industrial Firewall
• MetaDefender Media Firewall

The following OPSWAT products use third-party hardware components that bear the UL mark, as described in our product documentation

• MetaDefender Kiosk
• MetaDefender Transfer Guard
• MetaDefender OT Security
• MetaDefender OT Access

The ETL Mark signifies that a product carrying the mark has been independently tested and found to meet applicable safety standards recognized in North America and the EU, including standards for electrical safety, fire hazards, and mechanical integrity.

The following OPSWAT products bear the ETL mark, as described in our product documentation:

• MetaDefender Optical Diode XE
• MetaDefender Optical Diode SE
• MetaDefender Optical Diode CE

Class I, Division 2 (C1D2) certification indicates that a product is safe for use in hazardous environments, or where flammable gases may be present under abnormal conditions. The following OPSWAT products have been evaluated and certified for use in C1D2 environments, as described in our product documentation:

• MetaDefender Optical Diode DIN Rail
• MetaDefender Industrial Firewall

The VCCI mark indicates compliance with the technical standards for electromagnetic interference as set by the Voluntary Control Council for Interference in Japan. MetaDefender Media Firewall is in compliance with these standards and bears the VCCI Mark when sold in Japan.

WEEE (Waste Electrical and Electronic Equipment) compliance ensures that products are designed for proper end-of-life recycling and disposal in accordance with European Directive 2012/19/EU. OPSWAT supports environmentally responsible practices and product stewardship, including labeling and documentation to assist in the safe collection, treatment, and recycling of electronic waste.

The following OPSWAT products are WEEE compliant, as described in our product documentation:

• MetaDefender Optical Diode 1U
• MetaDefender Unidirectional Security Gateway
• MetaDefender Bilateral Security Gateway
• MetaDefender Industrial Firewall
• MetaDefender Media Firewall

The following OPSWAT products use third-party hardware components that are WEEE compliant, as described in our product documentation:

• MetaDefender Kiosk
• MetaDefender Transfer Guard
• MetaDefender OT Security
• MetaDefender OT Access

RoHS (Restriction of Hazardous Substances) compliance indicates that a product meets the requirements of the European Union Directive 2011/65/EU (and its subsequent amendments), restricting the use of certain hazardous substances in electrical and electronic equipment. The following OPSWAT products are RoHS compliant, as described in our product documentation:

• MetaDefender Optical Diode 1U
• MetaDefender Optical Diode XE
• MetaDefender Optical Diode SE
• MetaDefender Optical Diode CE
• MetaDefender Unidirectional Security Gateway
• MetaDefender Bilateral Security Gateway
• MetaDefender Industrial Firewall

The following OPSWAT products use third-party hardware components that are RoHS compliant, as described in our product documentation:

• MetaDefender Kiosk
• MetaDefender Transfer Guard
• MetaDefender OT Security
• MetaDefender OT Access

Japan's Electrical Appliance and Material Safety Law (DENAN) requires certain electrical products entering the Japanese market to bear the PSE mark, which confirms compliance with relevant safety standards. OPSWAT’s products are not classified as electrical appliances subject to the PSE certification, and therefore, they do not bear the PSE mark themselves. However, OPSWAT ensures that third-party components used with our products comply with applicable international standards (such as PSE certification, where applicable).

Currently, the following OPSWAT products include third-party-manufactured adapters, which have been assessed for and are marked with the PSE mark, when sold in Japan:

• MetaDefender Optical Diode (DIN Rail)
• MetaDefender Industrial Firewall IF4-P (DIN Rail)
• MetaDefender OT Security (Network Sensor)

These adapters are provided with our products without modification, and in a manner that does not alter their certified design, function, or compliance status.