Share via

Azure blob storage detects malicious file>

Madanala, Jayashree 151 Reputation points
2024-07-11T10:50:17.84+00:00

Hi

I am writing an upload API that accepts files from external user. this api will upload the file to azure blob storage. Do I need to scan the file to check whether its malicious before uploading to blob or Blob storage takes care of it??

Azure Blob Storage
Azure Blob Storage
An Azure service that stores unstructured data in the cloud as blobs.
2,915 questions
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Deepanshukatara-6769 10,205 Reputation points
    2024-07-11T12:04:32.98+00:00

    Yes we have capability in azure to do that but by default it is not enabled, it does scan for malicious files upon upload. This is done using the Malware Scanning capability in Defender for Storage. This built-in SaaS solution performs a full malware scan on uploaded content in near real time, using Microsoft Defender Antivirus capabilities.

    Malware Scanning is triggered in a protected storage account by any operation that results in a BlobCreated event. This includes the initial uploading of new blobs, overwriting existing blobs, and finalizing changes to blobs through specific operations. The scanning occurs within the same region of the storage account, and every file type is scanned (including archives like zip files) and a result is returned for every scan.

    When the malware scan identifies a malicious file, detailed Microsoft Defender for Cloud security alerts are generated.

    For more information, you can refer to the Malware scanning in Defender for Storage documentation

    Please let me know if any further questions

    Kindly accept if it helps

    Thanks
    Deepanshu

    0 comments
  2. Marcin Policht 25,290 Reputation points MVP
    2024-07-11T12:05:01.8033333+00:00

    You might want to - but Microsoft Defender for Storage should detect it (assuming, of course, that you have it enabled) - more at https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-storage-introduction

    If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.

    hth

    Marcin

    0 comments
  3. Sumarigo-MSFT 46,441 Reputation points Microsoft Employee
    2024-07-19T05:41:11.6233333+00:00

    @Madanala, Jayashree Welcome to Microsoft Q&A Forum, Thank you for posting your query here!

    Blob storage has an anti-malware service which scans the blob after its uploaded.
    Malicious content upload Malware Scanning scans every blob uploaded to your storage accounts. It detects ransomware, viruses, spyware, and other malware uploaded to the storage account, helping you prevent it from entering the organization and spreading. The classic malware hash analysis alert operates differently from Malware Scanning. It compares the uploaded blob/file hash with a list of known malicious hash signatures rather than analyzing the file contents for malware.

    How are you planning to scan it before it is uploaded?

    Diagram showing how malware scanning protects your data from malicious code.

    This article provides detailed information on Malware scanning in Defender for Storage
    Common questions about Defender for Storage
    How does the service work?

    Please let us know if you have any further queries. I’m happy to assist you further.   

     Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.