Threats may be present in any file. This is a given, and cyber security defense strategies must take this into account. This is why secure file transfer solutions are essential.
MetaDefender Secure File Transfer (SFT) is unique in that it uses both multi-scanning and data sanitization/Content Disarm and Reconstruction (CDR) for the ultimate in secure data transfers. MetaDefender SFT scans with multiple anti-malware engines, at multiple times, for faster malware detection, and can also sanitize files with CDR to eliminate zero-day threats in documents.
Click diagram to expand
Outbreaks and Zero-Day Attacks
When a strain of malware has spread to multiple devices, this incident is called a malware outbreak.
A zero-day attack exploits a vulnerability before the vulnerability is discovered and patched. Such an exploit often leads to a malware outbreak.
Zero-day attacks are often concealed within common files — documents, images, or archives.
Time Lag in Outbreak Detection
The danger of malware outbreaks, especially those that leverage zero-day vulnerabilities, is that the intrusion likely will not be detected right away. In fact if the threat is a new one, bad actors may be present in a system for days, weeks, or even months and go undetected.
Even once the signature of a new malware strain is known, your particular anti-malware engine may not be able to detect it immediately.
This is why it is necessary to use multiple anti-malware engines in order to detect outbreaks within hours, not days — or weeks. On MetaDefender.com, we track how long it takes for each of our anti-malware engine packages to detect new outbreaks on average.
| Number of Engines | Number of Hours Vulnerable |
| 4 | 8.78 |
| 8 | 0.87 |
| 12 | 0.66 |
| 16 | 0.55 |
| 20 | 0.21 |
| 30 | 0.18 |
statistics retrieved 10-3-17
How to Defend Against Outbreaks with MetaDefender SFT
MetaDefender SFT enables administrators to:
1. Lock files for a specific time period before they are available to users.
2. Rescan files periodically even after they enter the organization and block a file immediately as soon as the file is detected as malicious.
The Technology Behind MetaDefender SFT: Data Sanitization (CDR) and Multi-scanning
Two main technologies make MetaDefender SFT the most effective solution for transferring files.
1. Multi-scanning: Multi-scanning leads to faster detection of outbreaks, as you can see in the table above. When it comes to detecting a malware outbreak, a few hours can make the difference between quarantining the threat and being responsible for a massive data breach.
2. Data sanitization (CDR): Data sanitization, or Content Disarm and Reconstruction, eliminates zero-day threats that are hidden in common file types by stripping potentially malicious embedded objects. For instance, a malicious macro in a Microsoft Word document would be removed, rendering the document harmless.
Data sanitization can be initiated at a customized point along the workflow — while a file is being transferred or while it's locked for a period of time, for example.
Contact OPSWAT to learn more about MetaDefender SFT