Advanced Endpoint Protection

MetaAccess Advanced Endpoint Protection extends well beyond basic compliance checks to ensure with the highest degree of confidence that your endpoints are secure. In addition to standard compliance checks such as OS level, Security Software installed and configured correctly, Encryption, Password and Firewall settings, MetaAccess has functionality to check for vulnerability and patch management, manage potentially unwanted applications, multi-engine anti-malware scanning, USB media scanning/blocking, anti-keylogger and screen capture prevention. MetaAccess provides the most comprehensive check in the industry.


MetaAccess Compliance helps your organization realize compliance by detecting and classifying which applications are installed on any endpoint and enabling your organization to monitor and manage these applications. It helps your organization assess and remediate application-specific settings.

Monitor and remediate the configuration of endpoint security applications

Check and update malware definitions on any endpoint. Check when a full system scan was last performed and launch one on any endpoint. Turn real-time protection on or off on any endpoint. Verify whether each endpoint’s firewall is enabled and enable them without any end user intervention. Verify whether anti-phishing protection is enabled on any endpoint.

Ensure that applications on any endpoint comply with policy and regulations

Detect over 5000 applications. Generate a report on each application’s license status and update its status. Detect whether any remote desktop control applications are installed or active on any endpoint. Generate a report on devices with open TCP ports, SSH connections or RDP tunnels. Make it impossible for malicious actors to remotely access and use any endpoint.

Monitor and remediate application and operating system updates and patches

Detect third-party patch management applications and enable them if necessary. Detect which patches are currently installed on any endpoint, generate a list of missing patches, and automatically install them.

Powerful and Thorough information reporting and remediation

Support over 30 different product-specific remediations across all major operating systems. It gathers classified and unclassified application details, and in-depth configurations of security applications, including anti-malware, personal firewall, hard disk encryption, patch management, browsers, browser plugins, and many others. This enables organizations that must comply with regulatory frameworks to easily gather information from endpoints to help them achieve compliance.

Verify that endpoints are encrypted per policy and regulations

Detect hard disk encryption software on each device and report which portions of each disk are encrypted. Leverages our patented method for assessing the encryption status of selected disks (Patent No. 10,229,069) and operates independently of third-party encryption algorithms and configurations. Supports all popular encryption solutions.

Vulnerability and Patch Management

The Common Vulnerability Scoring System ( CVSS ), is an industry standard for assessing the severity of computer system security vulnerabilities. CVSS attempts to assign severity scores to vulnerabilities, allowing responders to prioritize responses and resources according to threat. Scores are calculated based on a formula that depends on several metrics that approximate ease of exploit and the impact of exploit.

Realizing limitations in CVSS, OPSWAT designed a new score system based on CVSS and big data analysis, we call " OPSWAT Severity Score ". It's a dynamic score, range from 0 to 100. With this new score, old or unimportant Common Vulnerability Exploits (CVEs) will be filtered out.

With this new score, we provide better information to make vulnerabilities easier to manage, when using OPSWAT scores old or unimportant Common Vulnerability Exploits (CVEs) will be filtered out.

Advanced Malware Detection

MetaAccess uses process scanning, connection scanning, and repeated threat reporting to provide an additional layer of malware detection. In addition, there is a multi-engine anti-malware service to greatly increase odds of near zero-day malware detection. These comprehensive features may find malware that endpoint anti-malware applications have missed or could not remediate. This capability looks for indications of whether an endpoint is infected, even though it complies with security policies and regulations. MetaAccess can greatly increase malware detection with Anti-Malware Multi-Engine Scanning. While one anti-malware can’t detect all malware issues.

Process Scanning

MetaAccess scans all running processes and their loaded libraries. This may identify threats that the anti-malware product installed on the endpoint missed, by checking much more than installed applications. Your organization can accelerate process scanning by configuring the caching feature to only scan binaries that have not yet been analyzed.

Connection Scanning

Metaaccess enables your organization to scan all active network connections. It can detect all remote IP addresses connected to a device and compare those IPs to results that many IP reputation sources have reported. Each IP reputation source compares and categorizes the addresses according to the confidence rating of the IP.

Repeated Endpoint Threat Reporting

Repeated endpoint threats occur when users repeat the same behaviors that create the threat and when anti-malware applications fail to remove malware.  MetaAccess looks for repeated threats within each endpoint device to uncover persistent threats that the anti-malware application was not able to permanently remove.

Anti-Malware Multi-Engine Scanning

MetaAccess utilizes MetaDefender Cloud multi-scanning to quickly scan a device's running processes and loaded libraries every 24 hours with multiple anti-malware engines to detect malware, potentially unwanted applications (PUA), rogue antivirus applications and key loggers. To see how malware detection rates increase the more engines you use, see the example below or consult our Package Efficacy Report with live statistics on malware detection rates

Manage Potentially Unwanted Applications

MetaAccess can manage, block and even remove non-compliant or vulnerable applications. MetaAccess enables your organization to cleanly remove over 2,000 versions of popular applications (of both enterprise and consumer software) without any end user interaction. With it, your organization can silently detect such applications on any endpoint and completely remove them.

Comprehensive Removal

MetaAccess detects and removes anti-malware, personal firewall, and anti-phishing programs that conflict with your organization’s security policy as well as known vulnerable applications like Java, Adobe software (like Flash and Acrobat), browsers, and popular office software.

Automated Application Cleanup

MetaAccess automates the application cleanup process for difficult-to-uninstall applications and provides an easy way to terminate or remove these applications and remove all their files from any endpoint.

Works Silently without User Interactions

MetaAccess detects and removes potentially unwanted applications (PUAs) that can expose sensitive endpoint information without informed consent of the user (like browser toolbars, public filesharing programs, and backup or cloud-sync apps). This capability can be configured based upon the organization’s preferences to allow, block or remove the application.

Removes Corrupted Applications

MetaAccess is undeterred even under adverse conditions. It works when the program password is not known or has been forgotten and removes applications that the uninstaller has partially removed or requires forced end user interaction. Finally, it removes applications that no longer function or could not otherwise be uninstalled because required files or registry settings are missing or corrupted.

Removable Media Protection Module

MetaAccess manages removable media on endpoint devices, preventing the endpoint from connecting to any unexamined portable media, including flash drives, memory cards, SIM cards, CDs, DVDs and smart phones. It monitors endpoints for any removable media that end users insert and enables your organization to manage how each endpoint treats the media, based on preconfigured security policy.

Block. Protect. Secure.

MetaAccess can block any connection the media tries to make with an endpoint, and can block all connections, except those processes your organization specifies. It blocks all access to the media, while allowing this service to pass the content through advanced content security technologies, which verifies and sanitizes the data.

Highly Configurable

MetaAccess has highly configurable features to customize this solution to help organizations ensure that any data coming onto their environment is clean and safe to use.

Anti-Keylogger Prevention

MetaAccess prevent  keyloggers and advanced malware from  accessing  sensitive data by intercepting and encrypting keystrokes.

How it works

It works with an Anti-Keylogger Driver which intercepts low-level keyboard events, encrypts them, and then uses an anti-keylogger decryption hook for decoding before it sends the keystrokes to the application. The Driver encrypts the keystrokes and sends the events to the operating system event bus where the Decryption Hook decodes the keystrokes and sends the keystrokes to the application.

User Experience

There is no delay for the user when typing with this feature turned on. This solution is an overlay without any configuration changes. And importantly, it supports current and future cyber security risks.

Screen Capture Protection

MetaAccess prevents malicious and accidental screenshots. It prevents unauthorized or accidental screenshots and recording by users, VDI, web collaboration tools, and malicious applications.

When a process tries to capture or record the screen, this protection hook will block the request, which can optionally allow only certain windows to be captured. Screen Capture Protection supports current and future malware threats as well as data loss issues from web collaboration tools such as Zoom, Microsoft Teams, Cisco WebEx, and others.

How it works

MetaAccess monitors each running process. When a process tries to capture or record the screen, the Screen Capture Protection hook will block the request. This hook can, optionally, allow only certain windows to be captured.


This function is a small footprint on the device (less than 10 MB on disk) and supports current and future malware threats. It protects against data loss issues from web collaboration tools such as Zoom, Microsoft Teams, Cisco WebEx, and others

Get Started With Up To

50 Free Devices

See MetaAccess

In Action