MetaDefender Deployments and Integrations

MetaDefender is designed to prevent threats and zero-day attacks independently as well as complement other security solutions. MetaDefender can be deployed within your premises, cloud infrastructure or by integration with MetaDefender Cloud.

Depending on where the data lives, we offer native connectors or ability to integrate via REST API that supports a variety of deployment scenarios. In fact, our recommendation would be to always use native connectors, because it is typically a plug-and-play solution that does not require a code change.

Find the right cybersecurity solution for your organization

ScenarioIdeal solutionBenefits
On-premisesMetaDefender Core
MetaDefender ICAP Server

Deploy on Windows or Linux servers in your environment, even if it is air-gapped.

Easily configure to adjust to each deployment-specific need.

Built-in high-performance architecture & load balancing feature.

SaaSMetaDefender Cloud

24/7 availability

No infrastructure to maintain.

Full benefit of the MetaDefender offering.

Cloud/IaaSMetaDefender Core
MetaDefender Cloud
MetaDefender Core AMI

Flexible licensing and packaging.

Developer friendly REST API.

Private file processing.

Reliable and seamless scalability.

Access to threat intelligence feeds and broader threat prevention data sources.


MetaDefender REST API makes almost any integration straightforward. MetaDefender frequently releases new functionalities, which enrich the API response while guaranteeing the backward compatibility. Below are several integration methods for your consideration.

1. Custom

Although custom integrations are available, the functionality will be limited to the feature set at the time of integration. Even though it would be easy to extend the integration, it requires application changes, and the approval process can be lengthy in some industries.

2. Native Connectors

OPSWAT provides a suite of native connectors that are officially supported. This means that if OPSWAT extends its functionality and introduces new information in its API response, OPSWAT will also swiftly update the integration. By using native connectors, you will always be able to leverage MetaDefender’s full functionality.


One of the most popular native connector solutions is MetaDefender ICAP Server, which offers native integration to most Web Application Firewalls (WAFs), Load Balancers (LBs), and Network Attached Storage (NAS) products. This offers a seamless integration through the ICAP protocol which allows for the ability to offload the uploaded (or downloaded) files for analysis.

Supported ICAP Clients

Have you determined the applicable deployment and integration options for your organization?

Discover more details about the MetaDefender threat prevention suite to define which offerings are right for you

Or schedule a meeting with an OPSWAT technical expert to be advised on how to protect your organization’s infrastructure