How does Malware Scanning work? Set up of Malware Scanning
Learn more about the required permissions. To enable and configure Malware Scanning, you must have Owner roles (such as Subscription Owner or Storage Account Owner) or specific roles with the necessary data actions. To set up and customize Malware Scanning in Defender for Storage, you can choose from various methods, including the Azure portal, Azure policy, ARM or Bicep templates, and REST API. You can enable and configure Malware Scanning at scale for your subscriptions while maintaining granular control over configuring the feature for individual storage accounts. To comply with compliance standards that require on-upload malware scanning for noncompute resources (NIST, SWIFT, UK GOV, and more), and collecting the necessary evidence for compliance audits. To protect storage accounts from malicious content, especially when content in the storage account is uploaded from untrusted sources (customers and partners, anonymous users, etc.) Some common use-cases and scenarios for Malware Scanning in Defender for Storage include:
When the malware scan identifies a malicious file, detailed Microsoft Defenders for Cloud security alerts are generated.ĭesigned to help fulfill security and compliance requirements to scan untrusted content uploaded to storage, including an option to log every scan result. Supports response at scale – deleting or quarantining suspicious files, based on the blobs’ index tags or Event Grid events. Malware Scanning in Defender for Storage helps protect storage accounts from malicious contentĪ built-in SaaS solution that allows simple enabling at scale with zero maintenance.Ĭomprehensive antimalware capabilities using Microsoft Defender Antivirus (MDAV), catching polymorphic and metamorphic malware.Įvery file type is scanned (including archives like zip files) and a result is returned for every scan. To protect organizations from this threat, content in cloud storage must be scanned for malware before it's accessed.
Storage accounts can be a malware entry point into the organization and a malware distribution point. Malware upload is a top threat on cloud storageĬontent uploaded to cloud storage could be malware. The Malware Scanning capability is an agentless SaaS solution that allows simple setup at scale, with zero maintenance, and supports automating response at scale. It's designed to help fulfill security and compliance requirements to handle untrusted content. Malware Scanning in Defender for Storage helps protect your storage accounts from malicious content by performing a full malware scan on uploaded content in near real time, using Microsoft Defenders Antivirus capabilities.
0 kommentar(er)
