Advanced Malware Detection Module

Detect Malware, Even in Compliant Devices

The OESIS Framework’s Malware Detection Module uses process scanning, connection scanning, and repeated threat reporting to provide an additional layer of malware detection. These features may find malware that endpoint anti-malware applications have missed or could not remediate. The module looks for indications that an endpoint is infected, even when that endpoint complies with security policies and regulations.

Highlights

Process Scanning

The Malware Detection Module enables your organization to scan all running processes and their loaded libraries. You can send binaries of running processes on endpoints to a remote MetaDefender server or MetaDefender Cloud for signature and heuristic scanning by the multiple anti-malware engines included in your license. This may identify threats that the anti-malware product installed on the endpoint missed. Your organization can accelerate process scanning by configuring MetaDefender’s caching feature to only scan binaries that have not yet been analyzed.

Connection Scanning

The Malware Detection Module enables your organization to scan all active network connections. It can detect all remote IP addresses connected to a device and compare those IPs against the results reported by the tens of IP reputation sources integrated within MetaDefender Cloud. Each IP reputation source compares and categorizes the addresses according to the confidence rating of the IP. Identifying suspect IPs and comparing the confidence ratings of their sources can enable solutions that use the Malware Detection Module to better detect malicious connections.

Repeated Endpoint Threats Reporting

Repeated endpoint threats occur when users repeat the same behaviors that create the threat. They also occur when anti-malware applications struggle and fail to remove malware. Knowing about repeated endpoint threats is critical when responding to a serious security breach. The Malware Detection Module integrates tightly with endpoint anti-malware products and leverages that integration to look for repeated threats within each endpoint device. This enables it to uncover persistent threats that the anti-malware application was not able to permanently remove, thereby helping to identify infections that are spreading within your network.
