MetaDefender Core v5.2.1 Release

Product Overview

OPSWAT MetaDefender Core protects your organization by preventing advanced cybersecurity threats on multiple data channels. MetaDefender Core leverages several proprietary technologies, including Deep Content Disarm and Reconstruction (Deep CDR), Multiscanning, File-Based Vulnerability Assessment, Data Loss Prevention and Threat Intelligence to provide comprehensive protection for your networks and infrastructure against increasingly sophisticated malware.

Release Highlights

Archive compression after Proactive DLP process

In MetaDefender Core v5.0, the Archive Compression engine was introduced as an additional feature under sanitization workflow to improve archive handling performance. Starting from this release, it not only supports Deep CDR but also Proactive DLP. Thus, MetaDefender Core will compress applicable output files provided to end-users after both Deep CDR and Proactive DLP processes.

In order to maintain backward compatibility, this feature is disabled for Proactive DLP use case by default. However, administrators can enable it with just one click in the new Compression workflow tab. 

New compression tab in the workflow configuration

Due to the update of the Archive Compression feature, a new “Compression” tab is displayed in the workflow navigation bar to help administrators quickly adjust the archive compression related configuration.

New compression tab in the workflow configuration

Notification of required dependencies during engine upgrades

To properly operate and process files, engines on MetaDefender Core need to be equipped with specific third-party dependencies. When a new version of an engine is installed, it may require new dependencies, which have not been installed on the system yet. In this case, administrators will be notified of the engine upgrade error and the missing dependencies as the causes of an upgrade failure. So, the administrators can quickly and easily solve the problem.

Notification of required dependencies during engine upgrades

Hash lookup API new features

MetaDefender Core has always allowed you to retrieve analysis results by hash. This feature helps boost the product performance especially when the same files are processed several times within a particular time frame. This release introduces 2 new models for the hash lookup API via new headers called timerange and selfonly:

  • timerange (number of hours) helps narrow down the search context. It allows scoping down the recent number of hours that hash lookup task should start from till now, instead of searching the entire scan history in the MetaDefender Core database.
  • selfonly (true/false) is to help improve the query time on archive file result lookup. It allows MetaDefender Core to only perform hash lookup against the original archive file , and skip searching all child files result within the original archive.

File type ID information exposure

MetaDefender Core users now get the File type ID info in both JSON scan details, and on the scan result page UI. This information will help indicate unique file type identification that facilitates blocklist and allowlist configuration.

File type ID information exposure

Custom internal PostgreSQL user

After MetaDefender Core installation, database system administrators can now set their own internal PostgreSQL username, which was randomly named by MetaDefender Core and nonadjustable in previous versions.

Verbose file type analysis data

This version supports exposing verbose file type analysis data in JSON scan details. This can be done via the setting ‘include_file_details’  in the engines-metadata header for POST file submission request

Other improvements in security, product user interface and bug fixes can be found in our release notes.

Release Details

  • Product: MetaDefender Core
  • Release Date: 30 August 2022
  • Release Notes: 5.2.1
  • Download Link on OPSWAT Portal: Download
Sign up for Blog updates
Get information and insight from the leaders in advanced threat prevention.