MD Core Engine Features
OPSWAT Filescan's Sandbox technology is available as part of an integration with MD Core. The integration is available with two different engine types: embedded and remote sandbox engine (with full reporting). The embedded engine is deployed with MD Core, similar to other engines (CDR/DLP). The remote engine requires a side-by-side installation of the full OPSWAT Filescan (Sandbox) platform.
| Feature | Embedded Engine | Remote Engine |
|---|---|---|
| Installation OS | Windows, Linux | Ubuntu (Linux) |
| File parsers | Yes | Yes |
| File certificate validation | Yes | Yes |
| Image text analysis (OCR) | Yes | Yes |
| Microsoft Office file emulation | Yes | Yes |
| Powershell script emulation | No | Yes |
| URL emulation (ML based phishing detection) | No | Yes |
| Fuzzy hash lookup | Yes | Yes |
| Google safe browsing | Yes | Yes |
| OPSWAT reputation lookup | Yes | Yes |
| YARA pattern matching | Yes | Yes |
Note: for a full list of engine features of the OPSWAT Filescan (Sandbox) standalone product, then visit here.
Was this page helpful?