MetaDefender Reviews

Our use case is for threat protection.

I appreciate the unique features of MetaDefender since it uses multiple scanning in a single engine. The scanning capability, which combines different antivirus and scanning engines integrated into a single engine by OPSWAT, is particularly valuable.

The integration of multi-scanning and Content Disarm and Reconstruction is truly helpful because we can utilize it in other products such as email integration with ICAP capability, and we are also using it in web scanning. The integration is flexible and perfect for our needs.

We are not yet using the expanded file type and archive coverage feature.

Enhanced reporting and audit capabilities are not fully utilized. We use only the simple reporting features, such as viewing viruses that were scanned and found, and how they were removed and disinfected.

At this time, I cannot determine specific areas where MetaDefender should improve because it is already nearly perfect.

We have been using this solution for two years.

I can rate the stability at 10.

One hundred users use the solution.

The technical support can be rated at 9.5 from one to 10, with 10 being the best.

Comparing MetaDefender with other antivirus vendors, it is not comparable because of the unique features of using multiple scanning, which I cannot see in other products.

The engine requires constant updates for analysis purposes, which is why we need to maintain it regularly.

The detection rate of MetaDefender is 99.99 percent. It is truly effective because although we are not relying on signatures for scanning, we rely on the behavior of threats, and they are perfectly removed or we are perfectly protected from that scanning. Even though it is not signature-based and scans based on threat behavior, that approach is effective.

We are using adaptive sandbox analysis. Using sandbox analysis helps describe the impact on analyzing any suspicious files and extends the capabilities for how to disinfect or detect threats. It helps us detect zero-day attack threats, so we are protected from that.

The effectiveness of the solution in blocking or sanitizing any content based on our policies is excellent.

I would recommend this product to other users. It should be integrated with AI for enhancement. I would rate this review at 10.

My main use case for MetaDefender is for our client's environment, which is using MetaDefender for their OT security or for their email side. All clients use MetaDefender, and it is especially great for Content Disarm and Reconstruction, which they want to leverage.

For example, one of our clients is using MetaDefender for their email gateway site as their mail gateways, scanning emails. Generally, they use MetaDefender's Content Disarm and Reconstruction property for that email scanning.

None of my customers are using the reporting and audit visibility features on MetaDefender platform.

Integrating multi-scanning and Content Disarm and Reconstruction positively affects my clients' data security operations, prioritizing security over potential delays experienced by end users.

The best features MetaDefender offers include its Content Disarm and Reconstruction, which is a key feature chosen by our clients because many other products claim to provide that functionality, but generally, they cannot do it as cleanly. Through Proof of Concept sessions with our clients and the OPSWAT team, they see that MetaDefender's Content Disarm and Reconstruction is strong, usable, and valuable for our customers, making them want to work with OPSWAT specifically for this feature.

For example, one of our customers was not using any Content Disarm and Reconstruction technology but was receiving emails containing PDF documents or XLSX documents, some with malicious content. MetaDefender's technology worked effectively, disarming and reconstructing PDFs to deliver clean copies to their users, while allowing their analysts to see the malicious code.

MetaDefender has positively impacted my clients' organizations by saving time for their SOC teams who were previously receiving false positives and unnecessary alarms from other products, allowing them to focus on analyzing real threats, which has led to fewer incidents.

For one of my clients, a major bank in Turkey, they reported saving approximately 30 percent of their SOC time on analyzing emails since implementing MetaDefender.

MetaScan multi-scanning feature is excellent because it provides multiple vendors for scanning. If one vendor fails, the others remain operational, ensuring continued protection.

Assessing the effectiveness of Deep Content Disarm and Reconstruction in reconstructing files safely and without signatures reveals it to be effective, as clients receive identical documents without changes other than the removal of malicious code.

MetaDefender's file-based vulnerability assessment analyzes binaries and installers for known vulnerabilities before they enter a network, providing a proactive defense that is highly valuable for our customers.

While MetaDefender's mail gateway already gives fewer false positives, there is still room for improvement in reducing those even further.

Additionally, MetaDefender could benefit from a better graphical user interface for administrators, making it more usable, although this is not an urgent need but an area for potential improvement.

I have been using MetaDefender for three years.

It was a fresh sell to our customers for MetaDefender, and I evaluated other options before choosing MetaDefender.

I have not seen a direct return on investment, but clients have noted that the product saves time and may reduce the need for fewer employees since the SOC team focuses on critical incidents as MetaDefender handles current analyses efficiently.

Pricing, setup costs, and licensing are handled by my sales team, but feedback indicates that our pricing is better than other vendor solutions.

I can specify that my clients considered other options before choosing MetaDefender.

I do not have anything else to add about how my clients use MetaDefender. My review rating for MetaDefender is ten out of ten.

Our use case is pretty wide. We wanted to scan every file uploaded by our customers to our application. For example, our customers upload ID data files to the application, and our application contacts the Core server via API and scans the files. We have about 15 external-facing applications where a customer or agent can upload a data file.

We have also integrated some of our network devices with the ICAP server for the same purposes.

And we are scanning some files on our file shares.

We sleep well now because we are assured that the files that are coming into our organization are scanned.

I like the simplicity, the way it works out of the box. It's pretty easy to run and configure. The integration of the network devices with the ICAP server was easily done.

Also, we don't have many false positives. When a file really is malicious, it is blocked. There is a really low false-positive ratio.

It just works. We don't use it for extreme use cases, and we didn't want to make extreme modifications because it works. We like that we don't need to put too much effort into operating the server. We just installed it, did a little bit of configuration and customization, and it just works.

The documentation is not well written, and I often need to talk with support.

We have been using the OPSWAT Core and ICAP servers for about two years.

I haven't experienced any instability with MetaDefender. We are running it in high availability. We have two MetaDefender Cores, each one in a different data center, and there is a load balancer. We set it up with high availability in mind. We haven't experienced any problems. The stability is a 10 out of 10.

I believe it is scalable, but I don't know how much it can be scaled. I would rate this aspect a nine out of 10 because I'm not sure. My rating is based on what I have read in the documentation.

We are planning to integrate this solution to scan files that are not only uploaded by customers, but also by third-party companies we are working with.

The support is good, really responsive. They usually respond within two hours or less, and we fix issues in about two days.

There is a guy there named Vlad. He is a great technician who has helped me many times when I had trouble with licenses or questions on how to do something differently. The support is great.

Positive

We were using ESET. It was like a homemade solution from five or 10 years ago and really hard to operate.

The implementation was straightforward. MetaDefender is quite easy to use. Installing it is very simple. The basic concepts are easy to understand.

We spent about two weeks implementing and configuring this. We wrote custom libraries with some scripts, and that's all. And it has been running for two years so far. We enabled automatic updates and it just works.

We have it deployed fully on-prem because we have sensitive data. We have it in two separate data centers. One is in Warsaw and the second is in Krakow.

There is no maintenance involved.

I deployed it with a member of my platform team and a network administrator.

We don't treat this like an investment that will return something.

We bought a three-year license, and that was pretty expensive. We agreed that it was really worth buying. It could be cheaper, but we understand that quality comes at a price.

We bought three ICAP servers and three MetaDefender cores for three years, and that cost about 600,000 PLN (about $145,000). Support is included in the price, and the support is great. We didn't need any custom modifications or deployments.

It's not that MetaDefender has some super-unique features, because we also tested some other products. But its simplicity was the main factor in our choice of OPSWAT.

I would do a proof of concept because we are talking about cybersecurity. We ran tests for free for about three months. After our testing we were happy with the results.