With more than 30 combined scan engines, OPSWAT MetaDefender breaks the 99% mark when it comes to detecting cyber threats. The concept offers ISVs, IT administrators and security researchers optimal protection from new attacks as well as defence capabilities against attacks on certain antivirus programs.

“Since the partnership started, we were continually very happy with the IKARUS scan.engine”, Vinh Lam, OPSWAT´s Senior Software Engineer, sums up the six years of cooperation with IKARUS: “The integration was easy, we never had any escalation or critical issue.“

The company from San Francisco has extensive experience with various systems as they are operating more than 30 engines in parallel. “We are especially happy about the stability of the engine”, says Vinh Lam about the Austrian system: “It does not crash nor hang on samples, which is generally a challenge with other engines. This comes along with a good detection performance, including that the engine finds very less false positives.”

Updates of the IKARUS scan.engine are handled with greatest care. “Stability and performance are first priority to us”, says Gaspar Furtado, Head of Development at IKARUS: “We always assure that we only release sufficiently tested versions of highest quality. Thus, we successfully avert performance fluctuations.”

OPSWAT MetaDefender: comparing anti-malware engines

OPSWAT MetaDefender is the perfect product for analysing big data and for comparing different vendors, technologies and regions. Each technology has its particular strength and focus. Different anti-malware engines use different algorithms and approaches, and virus labs are located in different time zones and regions. MetaDefender makes it possible to combine various engines simultaneously on one system.

There is no 100% security. However, OPSWAT has experienced that detection rates increase combining several engines. Especially when it comes to new outbreaks, the time until detection is critical. Often, new samples are detected first by providers with geographical proximity to the malware source. Combining different engines from different regions will boost the probability of quickly detecting new threats.

IKARUS conquers America – and the rest of the world

Located in the centre of Europe, IKARUS Security Software offers professional malware protection for more than 35 years. ”We integrated the IKARUS scan.engine to our portfolio in 2014”, Tom Mullen, former project owner and now Vice President of Business Development at OPSWAT, remembers: “The cooperation was always very good. We appreciate quick consultations, no unnecessary bureaucracy, short communication channels and technicians that understand their business – partners like these make it easier and more fun to work!”

During the following months, customers kept subscribing for the IKARUS scan.engine additionally to their multiscanning package. “In 2015, we added IKARUS as a fixed component on our OPSWAT Metadefender 12”, says Tom Mullen.

“The international interest in our Scan Engine strengthens our development work and it shows, that even small teams can bring it to great success – and join the international market leaders”, proudly says Christian Fritz, COO at IKARUS Security Software: “Our success mirrors the technical skills of our developers and analysts as well as their determination and enthusiasm for their tasks.”

Unbeatable detection performance even without internet connection

In ongoing operations, the IKARUS scan.engine proves to work fast and effective. “IKARUS shows excellent run times, not taking too much CPU or RAM”, says Vinh Lam.

“Our development always kept in focus to build a fast system”, explains Gaspar Furtado: “By finding a solution where the engine can be scaled horizontally with any number of threads, we have overgrown our own expectations. Now we have one of the fastest antivirus system on the market.”

The IKARUS scan.engine is able to inspect samples in all container file types to any level of recursive depth. “Each file is disassembled and unpacked until it is completely examined”, the chief technician explains: “There are no technical limits, but users can define individual time limitations for scan processes per file.” It’s a profitable method: “IKARUS’ detection performance is very strong finding hidden malware in productivity files such as documents and images”, Vinh Lam confirms.

Besides, IKARUS shows an unbeatable performance on air-gap-systems. “Our detection rates remain unaltered even without internet connection. This is valid to all scans and execution including our self developed virtual environment which is part of the engine”, says Gaspar Furtado: “Due to the advantage, our SDK clients with air gaped systems often declare us unbeatable in detection performance which makes us very proud.”

For deeper insights into the features and methods of the IKARUS scan.engine, IKARUS offers regularely workshops, where developers discuss the latest updates and talk about different use cases.