OPSWAT MetaDefender Core protects your organization by preventing advanced cybersecurity threats on multiple data channels. MetaDefender Core leverages a number of technologies, including Deep Content Disarm and Reconstruction (Deep CDR), Multiscanning, File-Based Vulnerability Assessment, Data Loss Prevention, and Threat Intelligence.
Many new features and enhancements bring better performance and improved user experience on MetaDefender Core v4.19.1:
- Starting with this release, users can now process a file by just specifying a direct download link (this means no payload in the HTTP(S) request body is required). Both individual file scan and batch processing are supported. Once file analysis request is set up properly, MetaDefender Core will proactively download the file and use it as a payload for further processing.
- New configurable rule for archive sanitization: if any child files inside the original archive are not sanitized, there will be tombstone file(s) added into the processed archive output file. This is to inform users of the removed child file(s) with explanation. Each tombstone file is automatically created and put at the same location as the removed original child file(s) with .tombstone.txt file format.
The administrator can configure this rule by choosing “Add tombstone file during archive sanitization” in Workflow Rules Management.
- The NGINX web server was upgraded to the latest stable version (v1.18.0) in this release, resulting in improved MetaDefender Core performance.
- A comprehensive scan report (in PDF) for individual processed file is now available to download. The report includes detailed file information process results for each stage (Metascan, Deep CDR, Proactive DLP, Vulnerability and YARA).
- A new configurable setting for PostgreSQL connections was added to define the maximum number of concurrent connections to the database server.
- For files residing on devices within the user’s local network (that MetaDefender Core can access and read without any required authentication), the product will help users specify the absolute file path for processing instead of requiring a payload uploaded in the HTTP(S) body. This saves CPU resources and increases processing speed. Until now, the default MetaDefender Core requirement was to upload payload data over HTTP(S) for processing (called “remote scan” with REST interface supported).
- Additional processing time details are now available in the JSON scan report that indicate the processing time of each stage in workflow processing.
From now on administrators have more control over file processing with new workflow rule configurations, including:
- Blacklist and (or) whitelist (by certain filetypes) configurations can be overridden during archive file processing to support specific use cases.
- Skipping hash calculation is configurable to enhance overall processing time, especially useful when processing large files.
- New workflow rule configuration for file-based vulnerability assessment
- New workflow rule configuration for file type analysis
- New configuration to skip any further processing (and block files) in malware scan results
- New configuration to skip further processing (and block files) if actual file type cannot be detected
- Within an isolated environment, MetaDefender Core can now be activated via offline mode without requirement for an enabled network card.
Please see our release notes for many more improvements and updates.
- Product: MetaDefender Core
- Release Date: 21 October 2020
- Release Notes: 4.19.1
Source : https://www.opswat.com/blog/metadefender-core-v4-19-1-release