@Marc Hedgley Welcome to Microsoft Q&A Forum, Thank you for posting your query here!
I need to ensure that the data feed is automatically scanned for security threats such as Malware. Can someone please confirm that Microsoft Defender would cover this?
Yes, Microsoft Defender does have malware scanning that works with SFTP:
Malware scanning in Microsoft Defender for Storage - Microsoft Defender for Cloud | Microsoft Learn
It utilizes blob storage events that emit during uploads and triggers to either delete or quarantine those blobs if they are flagged as a security threat. NOTE: hash reputation analysis is NOT supported for SFTP: Microsoft Defender for Storage - the benefits and features - Microsoft Defender for Cloud | Microsoft Learn
I also have a need to scan/filter the data feed for specific file format and automatically reject any that fall outside of the list Is this possible within Azure?
I don't think this is doable prior to the upload, but a trigger could certainly detect those file extensions once uploaded and remove/quarantine accordingly. Example that does similar filtering:
Tutorial: Trigger Azure Functions on blob containers using an event subscription | Microsoft Learn
Please let us know if you have any further queries. I’m happy to assist you further.
Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.