适用于Azure应用服务的反恶意软件 [英] Antimalware for Azure App Services

问题描述

我们刚刚在Azure(App Services)托管的网站上进行了渗透测试.回来的一件事是测试人员能够上传已知的恶意文件，包括:

EICAR-位于 http://www.eicar.org/ <上的已知防病毒测试文本文件/p>

嵌入了恶意宏的Word文档.

还有其他一些.这些文件已成功提交并由服务器托管.立即从本地计算机上的Avast拾取了相同的Eicar文件，并将其阻止.无论如何，对我们网站上的文件夹有实时保护吗?

解决方案

我不能说说您组织的笔测试的结果，也不能说您应该如何处理安全漏洞(因为这是范围很广的主题，并且不适合StackOverflow).

从客观的角度来看:与虚拟机不同，您不能在Web Apps上简单地安装反恶意软件(除非该软件可以与您的应用一起部署，并且不需要管理员级别的特权).您需要在VM中进行设置，或使用第三方服务.

注意:如果您查看Web应用程序的设置"刀片，则会看到标有观察的部分.在该部分中，您会找到各种加载项，并且其中似乎有一个特定的安全性相关.据我所知，这里列出的附加组件是您可以与Web Apps集成的唯一组件.

We've just had penetration testing done on our website hosted in Azure (App Services). One of the things that came back was the tester was able to upload known malicious files, including:

EICAR - the known Antivirus testing text file located at http://www.eicar.org/

Word documents with malicious macros embedded.

And some others. These files were successfully submitted and hosted by the server. The same Eicar file is picked up right away from Avast on my local machine and blocked. Is there anyway to have realtime protection on folders in our web site?

解决方案

I can't speak to the results of your org's pen testing, or how you should specifically deal with security vulnerabilities (as that's a topic very broad in scope, and unfit for StackOverflow).

From an objective perspective: Unlike Virtual Machines, you cannot install simply anti-malware software on Web Apps (unless that software could be deployed with your app, and not require admin-level privileges). You'd need to set this up in a VM, or use a 3rd-party service.

Note: If you look at the Settings blade for your Web App, you'll see a section labeled Observe. Within that section, you'll find various add-ons, and it looks like one of them is specifically security-related. As far as I know, the add-ons listed here are the only ones you may integrate with Web Apps.

这篇关于适用于Azure应用服务的反恶意软件的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！