API Deep Dive
OESIS Modules
Agenda
• What is OESIS
• Build Endpoint Security Features with OESIS
• API
• OPSWAT Certified Security Applications Program
• Roadmap
• Additional Resources
• Q & A
What is OESIS
Endpoint management SDK that enables customers to build security features:
• Vulnerability Assessment: report 1,000,000+ vulnerable binaries from 15,000+ application versions
• Infection Detection: indication of compromise; quickly assess system security using 3 unique OPSWAT techniques
• Peripheral Management: monitor and manage portable media devices, block/unblock USB devices, etc.
• Application Removal: silently remove 1,200+ applications, including toolbars, ransomware, etc.
• Device Compliance: detect, classify and manage 5,000+ security applications
License OESIS Framework
and many more….
Build Endpoint Security Features with OESIS
200M+ Endpoints managed
5,000+ third-party applications from 800+ vendors
140,000+ APIs supported
• Vulnerability Assessment
• Infection Detection
• Peripheral Management
• Application Removal
• Device Compliance
Build Endpoint Security Features with OESIS
Vulnerability Assessment
Use case: I want to check whether there are known vulnerabilities on my system or in the data that is being brought to my network.
• 250+ top vulnerable applications
• 10,000+ associated CVEs with severity information
• 1,000,000+ identified vulnerable hashes
• 30+ times faster than existing solutions on the market

| Product name | OPSWAT | Leading solution in the market |
|---|---|---|
| 7-Zip | v | x |
| ActivePerl | v | x |
| Adobe AIR | v | v |
| Adobe Flash Player | v | v |
| Beyond Compare | v | x |
| Cisco AnyConnect VPN Client | v | v |
| ESET Endpoint Security | v | x |
| FileZilla | v | x |
| Google Chrome | v | v |
| Internet Explorer | v | v |
| Microsoft Excel | v | v |
| Microsoft Filemon | x | v |
| Microsoft Lync | v | v |
| Microsoft OneNote | v | v |
| Microsoft Outlook | v | x |
| Microsoft PowerPoint | v | v |
| Microsoft Process Explorer | x | v |
| Microsoft Publisher | v | v |
| Microsoft Regmon | x | v |
| Microsoft Visio | v | v |
| Microsoft Word | v | v |
| Microsoft XML Core Services (MSXML) | x | v |
| Mozilla Firefox | v | v |
| Notepad++ | v | x |
| Oracle Java JRE | v | v |
| Paint.NET | v | x |
| PuTTY | v | v |
| QQ | v | x |
| Secunia PSI | v | v |
| Silverlight | v | v |
| Skype | v | x |
| TeamViewer | v | x |
| TortoiseGit | v | x |
| TortoiseSVN | v | x |
| VLC media player | v | v |
| vSphere Client | v | x |
| Windows Defender | v | x |
| Windows Firewall | v | x |
| Windows Media Player | v | x |
| Windows Update Agent | v | v |
| Windows VPN Client | v | x |
| WinPcap | v | x |
| WinRAR | v | v |
| WinSCP | v | v |
| Wireshark | v | v |
| Zoom | v | x |
Infection Detection
Use case: I want to quickly verify whether my system is compromised.
• Scan memory components: with Metadefender server or our cloud
• Search for repeated threats: from locally installed anti-malware solution
• Validate connected IPs: against 13 cloud IP reputation engines
Peripheral Management
Use case: I want to block any USB that is connected to my device until the data on it is examined.
OESIS workflow: block access → examine the data → unblock media
Application Removal
Support for Endpoint Security Suites
Support for Potentially Unwanted Applications
• Silent uninstall without user interaction
• Even when end users have forgotten their passwords
• Even if a prior manual uninstall attempt failed to complete
• Even if product self-protection is enabled
Use case: I want to automatically remove all unwanted applications; I want to uninstall my legacy security application prior to installing the new one.
Device Compliance
Use case: I want to know what kind of applications are running on my system or on my network.
Signature-based and system generic detection
• 500+ applications detected on a physical device on average
• 300+ applications analyzed and labeled
• Potentially unwanted applications, ransomware, etc.
• 15 different security categories
Fast response and small memory footprint
• Same size as msprint.exe, 30% of any browser instance
Challenge from BYOD – Bring Your Own Device
Device Compliance
Use case: I want to ensure an end user's own device is compliant before connecting to my network.
Retrieve application status information
• What the anti-malware protection state, virus definition, last scan time, and threat history are
• Which drive volume is encrypted
• Whether system has missing patches
Apply remediation based on security policy
• Trigger full-system scan
• Update malware definitions
• Install missing patches
And 100+ more unique feature APIs
Supported Applications
Auto Update
Always up to date with hands-free solution
Reduce discrepancy due to release frequency
Continuous delivery
Specific OESIS versions deployed based on your choosing
Flexibility to roll back any time
Integrating with the Metadefender Product Family
API
C-JSON I/O
• Plug and play modules allow you to only deploy the components you need
• Flag JSON I/O, can be integrated with C++, C#, Ruby, Java, Python, PHP, and nearly any programming/scripting language
• Detailed sample code and a developer guide allow for complete integration within three hours from the start
OESIS Real World Deployment
OPSWAT Certified Security Applications Program
• Quality
• False Positive
• Compatibility
Gold Certification
Quality
• Ensure solutions pass security auditing: AV-TEST, AV-Comparatives
• Weed out rogue security applications
False Positive
• Reduce false positive alarms
• Eliminate unnecessary operation slowdown
Compatibility
• Guarantee compatibility with leading CASB, NAC, SSL-VPN technologies
• Reduce support costs due to security policy incompatibility
OPSWAT Market Share Report
Roadmap Features
• Support for open source Linux projects based on OESIS
• Report vulnerabilities on system binaries and hardware drivers
• Support for Windows Phone and more IoT: Android Wear, Apple Watch and Apple TV, Amazon Echo Dot, NFC rings
Additional Resources
API documentation: http://software.opswat.com/OESIS_V4/html/
Support charts:
https://software.opswat.com/OESIS_V4/Win/docs/support_charts/support_charts.html
https://software.opswat.com/OESIS_V4/Mac/docs/support_charts/support_charts.html
Thank You!
Jianpeng Mo
Senior Director of Software Engineering
O 415.590.7300
F 415.590.7399
C 510.610.7208
398 Kansas St.
San Francisco, CA 94103
www.opswat.com