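What happened? Since 2022, attacks against healthcare providers worldwide have doubled. Healthcare providers such as Clalit Health Services, one of the largest healthcare organizations in the world, have become prime targets for cybercriminals using ransomware and zero-day attacks.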
By working in partnership with OPSWAT over time to proactively address areas of vulnerability, however, Clalit has become a model for how to provide total protection for critical infrastructure by creating an enterprise file security service that utilizes 14 MetaDefender Cores with Multiscanning and Deep CDR™ Technology, as well as four MetaDefender Aether and MetaDefender ICAP servers.
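We started by integrating our Managed File Transfer (MFT) and secure email solutions via API. Next, we connected the ICAP servers to our proxy servers for inline scanning of web traffic. Finally, we connected the ICAP servers to our reverse proxy and API gateway to provide the ability to scan file uploads and web application traffic.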
Tamir Shahar
Infrastructure Architect
Today, all files that enter Clalit through channels that include email, API, managed file transfer, the Internet, and the Cloud are scanned by 13 antivirus engines and Deep CDR™ Technology. If the files cannot pass CDR or are excluded, the files will then be sent to MetaDefender Aether for further analysis. All scanning is done inline via API or ICAP.
By assuming every file contains a potential threat, such as malware or zero-day exploits, CDR (Content Disarm and Reconstruction) disarms threats by regenerating safe, usable files. Deep CDR™ Technology strengthens detection-based, anti-malware scanning with prevention-focused defense, protecting organizations from file-based threats, including targeted attacks.
OPSWAT's Deep CDR™ Technology sanitizes files by removing threats and rebuilding them to prevent file-based vulnerabilities.
Traditional security measures do not always detect sophisticated cyber threats, including zero-day attacks. Deep CDR™ Technology addresses this by sanitizing files at a granular level, thus reducing the risk of advanced and emerging threats.
Working alongside and augmenting Deep CDR™ Technology, Multiscanning provides a critical layer of protection against advanced and zero-day threats that commonly target healthcare providers.
As file volumes grow and threat actors keep refining their techniques to create increasingly sophisticated malware that evades security solutions, organizations need defenses that can quickly scan thousands of files for malware while defeating every layer of obfuscation to identify valuable IOCs (indicators of compromise), and that are also low in resource requirements, easy to maintain, and highly efficient.
MetaDefender Aether’s unique adaptive-threat-analysis technology extracts IOCs 10 times faster than a traditional sandbox while providing 100 times more throughput. On just one server, MetaDefender Aether can process 25,000 or more files a day and its Adaptive Threat Analysis technology enables zero-day malware detection while extracting more IOCs.
OPSWAT’s Sandbox delivers very fast verdicts thanks to emulation and is integrated with other products like Deep CDR™ Technology, giving the best inline experience for scanning files with minimum disruption to users and allowing easy management.
“OPSWAT’s Deep CDR™ Technology supports the widest variety of file formats, including documents, images, and multimedia files,” Tamir Shahar, infrastructure architect at Clalit, said.
“In addition, Deep CDR™ Technology reconstructs files with high fidelity after disarming. This means that the sanitized files retain their original format and functionality, minimizing the impact on usability and productivity. This contrasts with other CDR solutions that may strip out too much content or functionality during the sanitation process.”
Clalit's cyber experts note that other advantages of using OPSWAT include:
Enhanced user experience: Sandbox produces very fast verdicts thanks to emulation and it easily integrates with other products like Deep CDR™ Technology. This provides the best inline experience for scanning files with minimum disruption to users.