上传文件的反恶意软件扫描 [英] Antimalware scan of uploaded files

问题描述

我正尝试在Azure中找到满足以下要求的最佳解决方案:应该对上传到系统中的每个文件进行恶意软件扫描.

I'm trying to find the best solution in Azure for following requirement: every file uploaded to the system should be scanned against malware. 

我的代码很可能会在Azure Kubernetes Service中执行，因此我可能不能依赖Web App/VM内置的安全机制.

Most likely my code will be executed inside Azure Kubernetes Service so probably I can't rely on Web App / VM built-in security mechanisms. 

所以问题是:我可以调用任何Azure(PaaS)API来验证此类文件吗?或者，当检测到正在上传的文件为恶意软件时，诸如Azure Data Lake或Azure Blob Storage之类的任何存储服务都可能引发异常?

So the question is: is there any Azure (PaaS) API I can call to verify such files ? Or maybe any storage service like Azure Data Lake or Azure Blob Storage could throw an exception when a file that's being uploaded is detected as malware ?

到目前为止，我找不到任何合适的东西.我是否需要在VM上安装自定义软件或启动Docker容器，还是有更好的解决方案?

I wasn't able to find anything adequate so far. Do I need to install custom software on a VM or spin up Docker container or there is a better solution ?

预先感谢

推荐答案

你好我们确实提供了Azure高级威胁防护，可帮助抵御恶意软件，但是我不知道针对该恶意软件的API.我们有Windows Defender Advanced API.您可以找到有关它们的更多信息 这里.为了回答您的问题，Azure的PaaS API目前似乎不可用.据我所知，如果我们将VM放在中间进行数据上传，并在包装​​盒上放置一个单独的包装，然后调用Windows API来检查是否有效 该文件，从理论上讲可能还不错，但实际上似乎并不是一个有效的解决方案:).

We do provide the Azure Advanced threat Protection which helps against Malwares however I am not aware of an API for the same. We do have Windows Defender Advanced APIs . You can find more information on them here . To answer your question a PaaS API from Azure does not seem available at this point . As far as I can think , if we put a VM in the middle for data upload and have a separate wrapper on the box and call the windows APIs to check the validity of the file , that may sound ok theoretically but practically it does not seem to be an efficient solution :) . 

谢谢.

这篇关于上传文件的反恶意软件扫描的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！