My main use case for MetaDefender is for our client's environment, which is using MetaDefender for their OT security or for their email side. All clients use MetaDefender, and it is especially great for Content Disarm and Reconstruction, which they want to leverage.
For example, one of our clients is using MetaDefender for their email gateway site as their mail gateways, scanning emails. Generally, they use MetaDefender's Content Disarm and Reconstruction property for that email scanning.
None of my customers are using the reporting and audit visibility features on MetaDefender platform.
Integrating multi-scanning and Content Disarm and Reconstruction positively affects my clients' data security operations, prioritizing security over potential delays experienced by end users.
The best features MetaDefender offers include its Content Disarm and Reconstruction, which is a key feature chosen by our clients because many other products claim to provide that functionality, but generally, they cannot do it as cleanly. Through Proof of Concept sessions with our clients and the OPSWAT team, they see that MetaDefender's Content Disarm and Reconstruction is strong, usable, and valuable for our customers, making them want to work with OPSWAT specifically for this feature.
For example, one of our customers was not using any Content Disarm and Reconstruction technology but was receiving emails containing PDF documents or XLSX documents, some with malicious content. MetaDefender's technology worked effectively, disarming and reconstructing PDFs to deliver clean copies to their users, while allowing their analysts to see the malicious code.
MetaDefender has positively impacted my clients' organizations by saving time for their SOC teams who were previously receiving false positives and unnecessary alarms from other products, allowing them to focus on analyzing real threats, which has led to fewer incidents.
For one of my clients, a major bank in Turkey, they reported saving approximately 30 percent of their SOC time on analyzing emails since implementing MetaDefender.
MetaScan multi-scanning feature is excellent because it provides multiple vendors for scanning. If one vendor fails, the others remain operational, ensuring continued protection.
Assessing the effectiveness of Deep Content Disarm and Reconstruction in reconstructing files safely and without signatures reveals it to be effective, as clients receive identical documents without changes other than the removal of malicious code.
MetaDefender's file-based vulnerability assessment analyzes binaries and installers for known vulnerabilities before they enter a network, providing a proactive defense that is highly valuable for our customers.
While MetaDefender's mail gateway already gives fewer false positives, there is still room for improvement in reducing those even further.
Additionally, MetaDefender could benefit from a better graphical user interface for administrators, making it more usable, although this is not an urgent need but an area for potential improvement.
I have been using MetaDefender for three years.
It was a fresh sell to our customers for MetaDefender, and I evaluated other options before choosing MetaDefender.
I have not seen a direct return on investment, but clients have noted that the product saves time and may reduce the need for fewer employees since the SOC team focuses on critical incidents as MetaDefender handles current analyses efficiently.
Pricing, setup costs, and licensing are handled by my sales team, but feedback indicates that our pricing is better than other vendor solutions.
I can specify that my clients considered other options before choosing MetaDefender.
I do not have anything else to add about how my clients use MetaDefender. My review rating for MetaDefender is ten out of ten.