Azure Antimalware should be able to scan blob storage
Azure Antimalware should be able to scan blob storage. Currently you have to save the file a a file system for the real time protection to be able to scan it. Once it has been scanned then you would have to move it to the blob storage. Would like to be able to write directly to blob storage and have the real time protection monitoring the files.
We will take a look. This is an interesting idea!
Jarno Leikas commented
While checking logs for suspicious file hashes is better than nothing, but it's not exactly malware scanning per se. This would be an excellent addition, as there are no good alternatives (other than developing a custom service for this). The custom service seems to be limited to a custom ClamAV wrapper, if we want to stay in the PaaS land.
Layton Clay commented
This is a real issue, as our security staff is against allowing large files into our Azure Govt Cloudspace with no scanning. We are having to devise a service in response to their restriction, but it should be part of the Azure service.
Based on Hasan's comment we will check to see if the new capability answers the mail, but at first glance it seems a half-measure.
Hasan Abo-Shally commented
Update: Threat Protection for Azure Storage includes Malware Reputation Screening
Threat protection for Azure Storage offers new detections powered by Microsoft Threat Intelligence for detecting malware uploads to Azure Storage using hash reputation analysis and suspicious access from an active Tor exit node (an anonymizing proxy). You can now view detected malware across storage accounts using Azure Security Center.
Jan Barelds commented
Any progress on this? It's been "under review" since start of 2015...
This would be amazing if it ever gets done......
Sheikh Osama commented
Its been approxmately 4 years , and we havent heard of any simlar feature in azure malare or any native feature in storage account /blob as well. could you please if its under consideration or not in future roadmap
any update on this feature? it is really needed.
Thomas Gossler commented
Someone should at least provide an ARM template or installation for a solution similar to the one outlined here: https://stackoverflow.com/questions/28862992/can-a-worker-role-process-call-antimalware-for-azure-cloud-services-programmatic., e.g. setup VM Scale Set with Antimalware enabled, provides API to send files into VM for scanning, receive webhook with notification about result and receive the clean file back for storing it in BLOB storage.
We need to have this feature turned on at the earliest to block potential vulnerabilities. It will be great if we can extend this feature to all storage types/payloads
Israel Pereira Valverde commented
Maybe this suggestion should be moved to "Azure Storage", since it would be a feature for this product.
Think this is a really great idea. Any idea if/when an update will be provided?
Mallikarjun raju commented
Idea is submitted in 2014?
any updates please :)
Dave Bird commented
Is there any update on this. i have a requirement to scan 4TB of blob storage and i need to find a convinent way to scan those files.
Parveen Khanna commented
Any update on this feature. Is it in roadmap ?
Thanks in Advance
Hi, just wondering if there has been any progress on the ability to scan files as they are added to blob storage?
Jim Mackin commented
Has anything like this been implemented? I am very interested in real time scanning of files before dropping them in a blob store.
John Salichos commented
This is a must have for secure cloud services/applications.
Martin Valland commented
Any progress on this? Scanning blob storage seems like a very usefull feature when receiving documents uploaded by users