Finding the Needle in the Lawful Intercept Haystack

Modern encryption techniques have resulted in Law Enforcement and Intelligence Agencies losing the benefits that came from carrying out Lawful Intercept activities. Indeed the time required to investigate a lawful intercept PCAP file for relevant and useful information is now such that should any artefact be found, it is almost certainly found long after the time when the information could have been at its most useful.

Communications channels have gone way beyond the simple calls and text messages of the past. The proliferation of messaging apps (WhatsApp, Signal, Telegram etc.), the ability to send messages via social media platforms (Facebook, Nextdoor, Instagram etc.) and the use of video communication platforms (FaceTime, Zoom etc.) has resulted in a very complex environment to investigate and analyse when looking for that particular artefact that will break the case, or that specific piece of intelligence that will lead the investigators to where they need to go, and this is before you add the problem that all investigators have when these communications are encrypted.

Additional information and intelligence you may want to know is which websites have been visited, when, with what frequency, for how long, etc. Another thing that Wireshark won’t do for you here, but a good LEA workflow will, is categorise each website into a category; is it Ads, Shopping, Food, Travel, Furniture, Pornography, Social Networking, Political Ideology, Terrorism, etc.

What is required is a tool that examines the lawful intercept network data (most likely a PCAP) and synthesises the output into a clear website profiling view. When that kind of analysis takes seconds and can be immediately reflected from a large collection of PCAPs, then we’re really cooking on gas. 

Today Lawful Intercept of data services can still be an effective tool against communication apps. What is being said is lost to unbreakable encryption, but that is not what is often needed to progress an investigation. Each call leaves a digital footprint in the packet captures, and that is clearly visible to the right tool, regardless of if that app is WhatsApp or some obscure dialler you have never heard of. Some of these applications are quite challenging to ‘fingerprint’ within the network noise, but the right application of machine learning can classify these applications with high confidence. 

If you would like to find out more about how to find that Needle in the Lawful Intercept Haystack and work in Law Enforcement or Intelligence, then subscribe to Digital Forensics Magazine and read the full article, and join Sandvine for a Live Demonstration of Digital Witness.

Digital Witness Webinar Registration (



7 Technologies To Watch in 2023

How IoT Solutions Are Taking Tech Into The Future

By Matthew Margetts, Director, Smarter Technologies

The Internet of Things (IoT) is becoming a household name – and one that has found unique applicability in not only our homes, but in our businesses, workplaces, and cities. The number of installed IoT devices is expected to surge to around 30.9 billion units by 2025. The myriad of different forms of technology has the potential to provide incredible business value.

They are vital tools for digital transformation and datafication – and their power lies in performance improvements, as well as problem-solving capabilities. IoT’s importance as a technology trend this year and into the future is the role it plays in the successes of other technologies. For business owners looking to drive evolution, keeping a finger on the pulse of the latest IoT trends is important for agility into 2023 and beyond.


Broadly speaking, IoT is the ecosystem of internet-connected smart devices and technologies in our homes, cities, and workplaces that continuously collect data.


There are more than 7 billion connected IoT devices currently in operation.

By 2030, 75% of all devices are expected to be IoT.

Worldwide IoT spending is anticipated to reach $1 trillion and this growth rate is predicted to continue in 2023 and beyond.


A Quick View of the Benefits of IoT in Business

IoT solutions help to build resilient supply chains

Improved health, wellbeing, safety, and security

Optimised asset usage and maintenance

Reduced overheads

Improved communication and engagement

Meaningful sustainability and environmental advances


1. Remote Monitoring

According to McKinsey, the COVID-19 pandemic accelerated the adoption of digital technologies by seven years. Off the back of global lockdowns, this naturally includes the requirement for remote monitoring and the move towards automated systems. These IoT-based technologies are being adopted to transform everything from building monitoring and machine performance to building occupancy and machine learning.

2. Modular Smart Technologies Solutions

The preference for individual devices performing multiple functions has given way to networks of devices. This network of devices creates a modular system of individual utilities and processes. The result is a granular view of whole operations, which works toward holistic network benefits.

3. Data Analysis

Data is arguably one of the top strategic tools for businesses. High-quality data plays a role in designing business strategy (what can be monitored can be more effectively managed) and ensuring the integrity of supply chains. Through alerts around deviations from “normal” data sets, real-time action is also inspired, which can avert disaster and save costs.

Data also has the ability to inspire high-level compliance, machine learning, customer service, maintenance schedules, safety and security. Additionally, it gives invaluable insights for the purposes of gauging return on investment and preventing wastefulness.

4. Artificial Intelligence, Machine Learning, and Visual Inspection

The concepts of artificial intelligence, machine learning, visual inspections, and automation are becoming increasingly commonplace. These functions are all best guided by data insights – removing the unpredictability and margin of error from human processes.

5. Advanced Networks

As IoT technologies evolve, so too do the networks around them. Improved speed, security, and reliability of networks and connectivity infrastructure are the precursor to IoT sensors, wearables, smart cities and homes.

6. Smart Buildings, Smart Cities

IoT and smart technologies are being used to optimise various functions within the city environment. This is being done as a means of creating a more engaged public and improving everything from public transport systems to responsible and environmentally conscientious resource utilisation.

IoT technologies and smart technology solutions have also found their way into businesses, buildingshealthcareretailagriculture, and manufacturing. IoT technologies stand to have a bearing on many different facets of these different sectors. This includes vaccination cold chains, predictive maintenance for enhanced equipment management, transport and logistics. The applications are endless – and are easily tailored to the specifics of a project or long-term strategic objective.

7. Digital Twins 

Digital twins are virtual replicas of a physical product, process, or system that bridge the physical and digital worlds. Today’s digital twins use sensors to collect real-time data about a physical item, which is used to create a virtual duplicate of the item. The digital duplicate can be optimised, manipulated and analysed to test different scenarios in a risk-free environment.



According to Kaspersky research published in the first quarter of 2022, 43% of businesses have unprotected IoT infrastructure – and cybersecurity concerns remain a barrier to IoT systems implementation (as reported by 57% of surveyed businesses).

As IoT devices become more prevalent – and as our reliance on them increases – so security concerns take on renewed importance. Gartner reports that 20% of organisations have experienced cyber attacks on IoT devices over the past three years.

Chip Shortages

The supply of semiconductor chips for IoT solutions has been put under strain by the high demand in recent times, resulting in a chip shortage. This is expected to limit IoT growth by 10-15% in 2022. The good news is that public and private sector efforts by the European Union are designed to meet the challenges of the shortage and make way for achieved growth potential.


Traditionally, the optimal effectiveness and speed of data transmission of IoT technologies has hinged on bandwidth capabilities. Network advances will ensure not only that data is transmitted in real time as required by many applications, but also that this process is done securely.


Matthew Margetts is a Director at Smarter Technologies. His background includes working for blue-chip companies such as AppNexus, AOL/ Verizon, and Microsoft in the UK, Far East and Australia.



Cyber Outstanding Security Performance Awards (OSPAs) – Nominations Closing Soon

Entries for the 2022 Cyber OSPAs are open until 15th August

For any enquiries please email

The categories and criteria for the Cyber OSPAs are listed below.

Please note that it is important that all the entry criteria are covered in the submission, as judges can only provide their scores against the information that is submitted on the entry. External links and attachments are not permitted.



University of Warwick Wins Veracode’s First-Ever Hacker Games

Next Generation of Developers Establish Secure Coding Skills Through Two-Week Competition

BURLINGTON, Mass. – March 31, 2021 – Veracode, the largest global provider of application security testing (AST) solutions, announced today the winner of its first-ever Hacker Games competition, which challenged students to hack and patch real-life apps online. WMG Cyber Security Centre at the University of Warwick was crowned the winner and awarded a $10,000 charitable donation after successfully completing 1,854 challenges over the course of two weeks, while Tufts University took second place and a $5,000 donation. In addition, each individual player from the winning teams and overall top scorers won prize money.

Professor Tim Watson, Director of the WMG Cyber Security Centre at the University of Warwick, said, “The Hacker Games were a fantastic way to promote secure software development and provided our students with a highly challenging experience. The labs are tremendous resources and we will be encouraging our students to take advantage of them to further their skills and experience. We are very grateful to Veracode for creating such a wonderful environment and competition.”

Setting Future Software Developers Up for Success

By empowering the next generation of software developers to write secure code, the Veracode Hacker Games aim to help plug the cybersecurity skills gap. The two-week collegiate competition saw nearly 90 computer science and cybersecurity students from leading universities across the U.S. and U.K. complete hands-on challenges in Veracode Security Labs. Altogether, participants solved a total of 8,500 labs and accumulated nearly 100,000 points.

Chris Wysopal, Founder and Chief Technology Officer at Veracode, said: “The cybersecurity skills gap is proving costly to corporations worldwide. The Hacker Games are a way for us to demonstrate the importance of secure coding to the next generation of software developers. The passion, competitive spirit and commitment from each participating university was impressive and we’re excited to work with each of these schools to make software security a more regular part of their curriculum.”

All participating universities in the Hacker Games will be given complimentary Veracode software for a year. For more information about the universities and teams, visit

About Veracode

Veracode is the leading independent AppSec partner for creating secure software, reducing the risk of security breach, and increasing security and development teams’ productivity. As a result, companies using Veracode can move their business, and the world, forward. With its combination of process automation, integrations, speed, and responsiveness, Veracode helps companies get accurate and reliable results to focus their efforts on fixing, not just finding, potential vulnerabilities. 

Veracode serves 2,500 customers worldwide across a wide range of industries. The Veracode solution has assessed more than 25 trillion lines of code and helped companies fix more than 59 million security flaws. Learn more at, on the Veracode blog, and on Twitter.



UK Cyber Security Council Begins As Independent Body

The Cyber Security Alliance-led Formation Project has created an umbrella body that will grow to champion cyber security education, training and skills

LONDON – March 31st 2021 – The UK Cyber Security Council – the self-regulatory body for the cyber security education and skills sector – today announced that the Formation Project to create the Council has completed, allowing the Government-mandated Council to officially become an independent entity, fully and only accountable to its Trustees.

The Council will champion the cyber security profession across the UK, providing broad representation for the industry, accelerating awareness and promoting excellence in the profession. It will do this by delivering thought leadership, career tools and education resources to the cyber security sector and those seeking a career in the industry, alongside helping influence government, industry and academia with the aim of developing and promoting UK cyber security excellence globally and growing the skills base.

Dr Claudia Natanson, chair of the Council’s Board of Trustees, said: “The Formation Project has put down solid foundations on which the Council can build, and that is what the Council is able to, and will do, from today. The next few months will be especially busy; we are now able to hire and start work on gaining traction and momentum across and beyond the profession. We’ll also be engaging with Government to ensure the delivery of the standards and governance needed to ensure a strong cyber security profession now and in the future. The trustees assure all those involved in the Council to date of our maximum efforts to take their work forward.”

Near-term tasks for the Council include:

  • the appointment of a permanent leadership team, who will work with the Board of Trustees to establish the Council as a leader in the profession, influencing its standing and reputation within the UK and globally; and
  • the recruitment of personnel to take forward the work of the Formation Project on elements of the Council’s remit, including recognition for cyber security practitioners, professional ethics, diversity and inclusivity in the profession and thought leadership

Dr Natanson also thanked the Cyber Security Alliance and the member organisations that supported the Formation Project. “For twenty months, scores of volunteers from the 16 forward-thinking organisations of the Cyber Security Alliance have devoted countless hours to getting the Council to this date. We cannot thank them enough, because without them there would be no Council. In the teeth of a pandemic, to reach this date with the Council on schedule is remarkable,” she said.

Dr Budgie Dhanda, managing director of 3BDA and co-chair of UK Cyber Security Council Formation Project, said: “The volunteers from the members of the Cyber Security Alliance have put heart and soul into the Formation Project, and the members of the Alliance itself have supported their staff all the way. We’re all very proud of what we’re handing over today and look forward to its evolution into a fully functioning, effective Council to represent our profession through the changes ahead.”

Dr Bill Mitchell OBE, chair of the Cyber Security Alliance, “Today marks a significant milestone for the many people who are today and will be in the future handed the enormously important task of protecting the United Kingdom and its economy from cyber threats that undermine the foundations of modern society.  Handing over the Council to its trustees is the culmination of over four years of commitment to a shared vision and shared values of public benefit from 16 organisations that came together in recognition of the breadth of skills and disciplines that go into this task. Now a new profession for the UK can be officially recognised and supported. The Alliance remains fully committed to supporting the new Council and ensuring it succeeds at the pace and with the reach the UK needs as we recover from the pandemic and find our place outside the EU.”

The Council has been invited by the NCSC to participate at CYBERUK, the UK government’s flagship cyber security conference in May. It will outline some initial plans at the event.

History of the Council to date

  • In November 2016, the UK Government’s National Cyber Security Strategy 2016-2021 set out “the UK Government’s plan to make Britain secure and resilient in cyberspace”.
    It included ambitions to develop and accredit the cyber security profession by: “…reinforcing the recognised body of cyber security excellence within the industry and providing a focal point which can advise, shape and inform national policy.”
  • In December 2018, the Government’s Initial National Cyber Security Skills Strategy policy paper specifically prescribed a new, independent body: the UK Cyber Security Council.
    The policy stated that: “Our ambition is for there to be a new, independent UK Cyber Security Council that will embolden the profession to structure and develop itself in a way that meets current and future demands. The Council will be charged with the development of a framework that speaks across the different specialisms, setting out a comprehensive alignment of career pathways, including the certifications and qualifications required within certain levels. The Council will lay the structural foundations of the cyber security profession that will enable it to respond to the evolving needs of industry and the wider economy.”
  • In August 2019, the Department for Digital, Culture, Media and Sport (DCMS) appointed the Cyber Security Alliance following a competitive tender process, with the  Institution of Engineering and Technology (IET)serving as the lead organisation, to design and deliver the UK Cyber Security Council.

The Cyber Security Alliance
The Cyber Security Alliance brings together a range of established knowledge and disciplines, each of which currently has a leadership role in underpinning UK expertise in the digital environment.  With an overall aim to provide clarity around the skills, competences and career pathways within this fast-moving area of cyber security, the initial objective is to support commitments expressed within the UK National Cyber Security Strategy, including the stated intent to recognise professionals through Chartered status. Members include:

About the UK Cyber Security Council
The UK Cyber Security Council is the regulatory body, and voice, for UK cyber security education, training and skills. It drives progress towards meeting the key challenges the profession faces and develops, promotes and stewards nationally recognised standards for cyber security qualification and learning. The Council, working closely with the National Cyber Security Centre (NCSC), the UK’s national technical authority for cyber security, supports the UK Government’s National Cyber Security Strategy to make the UK the safest place to live and work online.

The establishment of the Council by the Cyber Security Alliance consortium of cyber security professional bodies was commissioned by the Department for Digital, Culture, Media and Sport (DCMS) in September 2019.



British Army Digital Forensic Specialists Win Two Top International Awards

A British Army Sergeant and digital forensics expert and a forensics team from the British Army’s Royal Military Police (RMP) have proved they are the best in their field, having won two top awards the International Digital Investigation Awards 2020. The IDIA celebrates innovative action by law enforcement agencies from around the world.

The virtual ceremony hosted nominations from world renowned organisations including the Federal Bureau of Investigation (FBI) and the Metropolitan Police in categories including digital forensic techniques, collaborative investigation and digital investigator of the year, to name a few.

Use of Advanced Digital Forensic Techniques Award

Sergeant James Stubbs, of the Service Police Cyber Crime Centre (SP3C) scooped the Exceptional Use of Advanced Digital Forensic Techniques Award, beating other highly skilled specialists and team finalists from the Metropolitan Police Service Cybercrime Unit and Leicestershire Police’s Digital Media Intelligence unit.

On receiving the award, Sgt Stubbs said: “I’m delighted to have been nominated and to have won the award for what was a challenging and rewarding investigation. Details of the techniques I used have been requested by INTERPOL Cyber Crime, raising SP3C’s profile internationally.

“I am also proud of SP3C, SPCB, FIIU and FIB for receiving the award for Collaborative Investigation, both awards have provided positive exposure of the Service Police and its efforts to our international counterparts,” he said.

Sgt Stubbs was nominated for his ground-breaking work and carrying out digital forensic investigations to support a US Service Police CID investigation into a sudden death in Iraq in 2019. He was able to retrieve the data from the deceased’s very damaged fitness watch, despite the fact that there was no forensic support for this type of device at the time.

RMP digital forensic investigator at work.

This was of immense importance for the investigation, meaning that time and place of death could be established, enabling the investigators to determine whether any criminal activity had occurred.

More broadly, Sgt Stubbs’s work will also benefit the wider law enforcement community as his work has significantly enhanced understanding of how to forensically analyse such devices, so could be used in future cases to determine time of death and posthumous movements in sudden death or murder cases.

Team Collaborative Award

The RMP Specialist Operations Regiment was recognised in the Team Collaborative Award for their work alongside members of the Royal Navy Police Special Investigation Branch (RNP SIB) for their work in extracting, decoding and interpreting electronic information from a number of devices seized as part of an investigation into alleged possession of indecent images of children.

Corporal Sam Ward, Royal Military Police, and Chief Petty Officer (Master at Arms) Jason Briant, Royal Naval Police, both of Spec Ops Regiment RMP.

Spec Ops Regt continued to support the investigation when jurisdiction was passed to Northumbria Police. As a result, a former serviceman was sentenced to 14 years in jail, made subject to a sexual harm prevention order, a restraining order for life and is on the sexual offender’s register for life.

The team was shortlisted alongside Op BLEAK (a collaboration between North West Regional Organised Crime Unit, the National Cyber Crime Unit and the Australian Federal Police), and National Undercover Online.

‘Best of the best’

Brigadier Viv Buck, Provost Marshal (Army) said: “I am incredibly proud that the RMP has won two awards in the International Digital Investigation Awards 2020, particularly against such high-quality competition from other UK and international law enforcement agencies.

“This is a true reflection of the credibility, competency and excellence of the Service Police team working in digital forensics; they truly are among the best of the best.”



UK Government Announces New UK Cyber Security Council

The UK Government announces new UK Cyber Security Council “to boost career opportunities and professional standards for the UK’s booming cyber security sector”.

The new UK Cyber Security Council announced today by the UK Government follows an initiative started in the 2015 UK National Cyber Security Strategy “developing the cyber security profession, including through achieving Royal Chartered status by 2020, reinforcing the recognised body of cyber security excellence within the industry and providing a focal point which can advise, shape and inform national policy”. Though the aim for the Council to achieve Royal Chartered status by 2020 has not been met, the achievement of establishing the Council is certainly a major step forward.

Following the publication of the 2015 National Strategy in early 2016 the WCIT and BCS worked to bring together a group of 17 organisations to form the Cyber Security Alliance.

The Cyber Security Alliance Members

This Alliance recognised that the establishment of the council, whilst much needed, could also be significantly disruptive if full engagement with industry professionals and academia was not carried. The Alliance set out to engage with DCMS and NCSC as discussions and public consultations were carried out. The result was the Alliance being awarded a grant and contract in August 2019 to establish the UK Cyber Security Council through its lead member the IET following an open competition process.

The significant amount of time and effort by individuals from both Alliance member and non Alliance member organisations is hard to quantify, but is significantly greater than the amount of grant funding awarded and that the council development has reached such an advanced stage within the contracted timeframe is a testament to their professionalism and commitment.

The Council is to be formally launched on the 31st March 2021

Work continues to prepare for the launch. The launch is but the end of the project to deliver the council, the real work then begins to establish the Council as a credible professional body that will represent those that work in the cyber security industry. DFM wish the new trustees charged with firmly establishing the council and moving it forward, good luck in their endeavours.



Digital Forensics Specialist (Video)

Digital Forensic Specialist (Video)

SALARY – Circa £37,305 plus £3,406 location allowance

You will receive £37,305 the band minimum. Progress to the band maximum of £41,811 will be via incremental progression. 
LOCATION –   London, SE1

The Digital, Cyber and Communications (DCC) department is undergoing significant changes. It’s all to improve the way we deliver digital forensics services to the MPS and the Criminal Justice System. We’re aiming to offer three different levels of service. As part of this, we’re introducing digital forensic kiosks into custody suites and opening small labs across London. This is a rare chance to be part of the Central Digital Forensics laboratory and help bring criminals to justice – all while developing a unique skill-set.

You’ll be crucial to our vision, as you’ll help us to enable complex investigations, and develop new tools to meet the needs of future technologies. An expert in your field, you’ll be a valuable member of the Forensic Video department, able to interpret digital forensic submissions and provide detailed reports. Confident in the recovery of deleted or corrupted video material, you’ll reverse engineer everything from CCTV recorders to phones – creating compilations for court presentation. With outstanding communication skills, you’ll also oversee a small team and provide peer reviews against ISO 17025 standards.

To join us, you need to be confident with all types of video technology and forensics techniques. With second-to-none expertise, you’ll have proven experience in presenting evidence, working on criminal investigations and attending court. And committed to constantly improving technical practices and procedures, you’ll be dedicated to keeping track of emerging trends.

To apply, please visit our website to download a role specific information pack and application form.

Completed applications must be returned by 17 March 2017.

Please note we are only able to review the first 50 applications received.

We view diversity as fundamental to our success. To tackle today’s complex policing challenges, we need a workforce made up from all of London’s communities. Applications from across the community are therefore essential.



Beebone takedown is only half the battle, warns OpenDNS

Following confirmation that the BeeBone botnet had been sinkholed last week, OpenDNS IT Pro – Owen Lystrup warns that this is just the first step in stopping these infected machines:

“While the difficult effort of stopping the botnet is complete, it is only the first step to ensuring security for those affected. The next, and perhaps more crucial, steps are to shutdown the servers involved and clean the infected endpoints. As we’ve seen before with cases like Kelihos, botnets can resurface after a dormant period.
“The interagency sinkhole essentially chops the botnet’s capability at its knees. However, unless they have been thoroughly cleaned, the endpoints compromised are still very much infected. The sinkhole merely means outbound traffic intended for what were formerly command and control (C&C) IPs will now get dropped. This result is positive. It means those infected machines will no longer receive instructions from a malicious server – for now.”

Dhia Mahjoub, senior security researcher at OpenDNS, has spent a great amount of time researching botnets – like Kelihos and Zbot, which have similar characteristics to Beebone. And he’s fully aware of the challenges involved with stopping them. “Sinkholes are good for telemetry, which will measure the extent of the threat,” he said. “Step two is for law enforcement to actually take down the involved servers, and to clean the endpoint machines.”

After the press release announcing the takedown, the OpenDNS security research team used the preliminary data to map the known infrastructure and compare it using its own unique view of DNS traffic on the internet. Analysis from OpenDNS shows traffic requests to these formerly malicious domains are still at very high levels. The continued significant traffic to these domains suggests that cleanup efforts have not been effective yet.

In conclusion, Dhia said, “Cleanup is incredibly difficult because the burden lies on the individuals using infected machines, or their ISPs. It’s a huge effort and very expensive. But without it, botnets can potentially pick up where they left off.”

A graph visualising this traffic is available here:



Malware Statistics Tool Lists Top 100 Searched for Threats

OPSWAT, provider of solutions to secure and manage IT infrastructure, announced the release of a new statistics feature for their free anti-malware multi-scanning service, Metascan® Online. The newly-released malware statistics page provides a list of the 100 most searched for threats from the past week, including detailed scan results. The statistics page is updated daily and provides the ability to track the scan history of a given threat, giving researchers insight into the growth rate of malware detection rates.


The Metascan Online data can be used to investigate the current threats generating the most searches, as well as to monitor the detection rate of new threats. OPSWAT CEO Benny Czarny expressed excitement over the research and data analysis possibilities created by the new technology, stating that “the Metascan statistics tool provides information about the malware samples in our database, giving malware researchers the ability to dig into the types of threats that are currently circulating as well as track how the detection of new threats changes over time.”


To reduce the risk of false positives at least five of Metascan Online’s 40+ anti-malware engines must flag the file as a threat for it to be included. According to Product Manager for Metascan Online, Ronald Melencio, five engines seemed to be the “sweet spot” for detection. He went on to say that “we were concerned about false positives, but if the minimum is set too high we could eliminate real, new, interesting threats.”


The statistics page provides a nearly real-time visualization of the value of multi-scanning. No single anti-malware engine detects 100% of threats 100% of the time, but using multiple engines to scan for threats allows users to take advantage of the strengths of each individual engine and to guarantee the earliest possible detection. While the data included on the statistics page shows only a subset of the most common threats in the wild and utilizes only the Windows-based anti-malware engines in Metascan Online, it provides an indication of the variability of detection rates of common malware by the anti-malware community.


OPSWAT elicited feedback from their partners within the anti-malware and malware research community as they developed this new feature in the hopes that it would provide information that was interesting, but not misleading for consumers. It is important to note that the detection data comes from static analysis performed by Software Development Kit (SDK) and Command Line Interface (CLI) package versions of the anti-malware engines included in Metascan Online and not from endpoint desktop applications which may be capable of enhanced behavioral and other dynamic analysis. Detection rates, therefore, may differ significantly from commercial endpoint performance. Therefore the data should not be used for comparative analysis of desktop or server anti-malware application. To discourage such comparisons, OPSWAT has chosen to anonymize the scan engine names.


About Metascan Online

Powered by OPSWAT’s Metascan technology, Metascan Online is a free online scanner that scans files for malware using more than 40 commercial anti-malware engines from leading security vendors such as Kaspersky Lab, McAfee, AVG, Avira and many others. The Metascan Online API allows users to programmatically upload and scan files or to search for previous scan results using a file’s hash (MD5, SHA1 or SHA256). By utilizing the hash lookup functionality, users can easily see if the file has previously been scanned by Metascan Online and get the scan results without sending the file over the Internet to be scanned.