MetaDefender Core Engine

MetaDefender Core now fully integrates with OPSWAT Filescan Sandbox (as an engine module), and provide two separate engines:

  1. Sandbox Embedded engine: bundled in MetaDefender Core server, and the engine will process files locally itself.
  2. Sandbox Remote engine: the engine is supposed to send file requests to another remote OPSWAT Filescan Sandbox system for processing. Requiring users to provide proper remote URL and API key.

We need separate MetaDefender Core license key for each engine option (Embedded vs. Remote).

See the required engine dependencies and system requirements of our Filescan engines.
Engine architecture

Engine architecture
Scan process result

Scan process result
Engine detailed result

Engine detailed result

The integration comes with two modes:

  1. Inline: working as a part of MetaDefender Core processing workflow (real-time processing). Allowing users to block entire processing based on OPSWAT Filescan's sandbox engine's outcome and decision.
  2. Out of band: working as a part of MetaDefender Core quarantine (post-investigation processing).Providing additional option to analyze quarantined items along with the existing Threat Intelligence technology.

OPSWAT Filescan Sandbox engine (both Embedded and Remote) provides configurations under workflow rule (for inline mode), and under engine module - Inventory (for out of band mode).
Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
Next to read:
Changelog

See the "Technical Datasheet" for a complete list of features: https://docs.opswat.com/filescan/datasheet/technical-datasheet

On This Page
MetaDefender Core Engine