John Graham
asked on
Antivirus to scan document uploads?
I host application servers for a website and to allow users to upload documents, we need them to be scanned first by AV software. I assume I will need to find AV with some sort of API to trigger the scan. Does anyone know how to approach this problem?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Hello,
For effective multi vendor scanning you may use the Virus Total private service. For details on API integration refer the below article,
https://www.virustotal.com/en/documentation/private-api/
Good Luck!
For effective multi vendor scanning you may use the Virus Total private service. For details on API integration refer the below article,
https://www.virustotal.com/en/documentation/private-api/
Good Luck!
ASKER
Thanks everyone for the amazing replies. My app server runs Java Enterprise Edition to communicate and send files to the database servers. I want to make sure the files are scanned as they are uploaded. Luckily I do have a NGFW already as well at my boundary to mitigate risks.
I cannot emphasize enough that just having these products are NOT security...you have to know how to configure them to protect your environment from threats. Security is not a product...its a process! Both the Gateway and Endpoint AV security services need to be configured and the DMZ needs to be locked down to only allow specific ports/services from running to Zone to Zone, e.g. WAN>DMZ, DMZ>LAN & LAN>DMZ.
If so, then I would do that as well as, not instead of, any of the above.
Alan.