Blog

Find out about the latest from Cloudmersive.

API Spotlight: Scan Cloud Storage for Viruses, Malware and Content Threats
4/10/2023 - Brian O'Neill


Implementing direct file upload features for client-facing web applications is becoming an increasingly popular trend among businesses all over the world. Enabled largely by the availability of affordable, scalable cloud storage solutions, direct file upload features create a linear path between client-side users and the services they seek out online, improving user experience for customers and increasing workflow efficiency for businesses in one fell swoop.

It's not all sunshine and rainbows, however. Direct file uploads also open the door to a variety of file upload threats which, if not detected and contained properly, can have severe consequences for both businesses and the customers who entrust them with sensitive information. As such, it's critically important that file uploads are routinely scanned for viruses, malware, and other content-based threats at multiple points in any business' system architecture - including the cloud storage instances they reside in and are eventually retrieved from.

Cloudmersive Cloud Storage Virus Scanning APIs provide powerful protection for your cloud storage instances, integrating seamlessly with Azure Blob, AWS S3, SharePoint Online Site Drive, and Google Cloud (GCP) Storage. Using minimal code to establish your connection, you can quickly gain 360-degree content protection against malicious file uploads, safeguarding your cloud storage instances against tens of millions of virus and malware signatures. You can additionally manage a variety of customizable threat rules in your API request body to block (or allow) executables, invalid files, scripts, macros & more, and you can easily restrict unwanted file types with full content verification.

Below, we’ll walk through each Cloud Storage Virus Scanning iteration and highlight the specific information you’ll need to configure your request for each supported storage instance. After acquiring the necessary details, you can easily structure your API calls with your preferred choice of complementary, ready-to-run code examples - all of which are available via the “Docs & Examples” page in your Cloudmersive account.

How to Protect Azure Blob Storage

To configure virus scanning for Azure Blob Storage, start by gathering the following information:

  1. Connection String: you can obtain this information by navigating to the “Access Keys” tab of the “Storage Account Blade” in the Azure Portal.
  2. Container Name: provide the name of the specific Blob container you’d like to protect (within the Azure Blob Storage account).
  3. Blob Path: provide the path to the blob within the container; if the path contains Unicode characters, you’ll need to base64 encode it and prepend with ‘base64’

How to Protect AWS S3 Storage

To configure virus scanning for your AWS S3 Storage instances, you’ll need the following information ready:

  1. Access Key: this can be obtained by heading to the AWS console and looking within “My Security Credentials”
  2. Secret Key: same as above; this can be obtained by heading to “My Security Credentials” in the AWS console.
  3. Bucket Region: provide the name of the exact region of your S3 bucket (e.g., “US-East-1”).
  4. Bucket Name: provide the name of the S3 bucket.
  5. Key Name: parse the name of the files in S3 that you wish to scan for viruses. You’ll need to base64 encode the key name if it contains Unicode characters and prepend it with ‘base64’.

How to Protect SharePoint Online Site Drive

To configure virus scanning for your SharePoint Online Site Drive instances, prepare the following information:

  1. Client ID & Client Secret: you’ll need to follow a few steps to find this information:
    1. Navigate to the Azure Portal and click on Azure Active Directory
    2. Click on App Registrations (left-hand side)
    3. Click on Register Application
    4. Name the application CloudmersiveAntiVirus; then click “Register”
    5. Get the client ID by clicking on Overview and copying the value labeled Application (client) ID
    6. Click on Certificates and Secrets
    7. Click on New Client Secret; choose a longer expiration and give the secret a name
    8. Copy the secret value to the clipboard; save it securely (this is your Client Secret)
    9. Begin granting permissions to SharePoint; first slick on API permissions on the left hand side
    10. Click “Add Permission” and choose Microsoft Graph
    11. Click on “Application Permissions”
    12. Search for “Site.FullControl.All”
    13. Click on “Add Permissions”
    14. Head back to Azure Active Directory; click on “Enterprise Applications”; click on "CloudmersiveAntiVirus” and click on “Permissions”
    15. Click on “Grant Admin Consent”
  2. SharePoint Domain Name: provide your SharePoint Online domain name (e.g., mydomain.sharepoint.com)
  3. Site ID: provide the ID of the SharePoint site you want to retrieve the file from
  4. Tenant ID: (Optional) provide the Tenant ID of your Azure Active Directory
  5. File Path: path to the file(s) you want to scan
  6. Item ID: provide your SharePoint itemID (such as DriveItem ID)

How to Protect Google Cloud Platform Storage

To configure virus scanning for your Google Cloud Platform Storage instances, prepare the following information:

  1. Bucket Name: provide the name of the bucket you’d like to protect in GCP Storage
  2. Object Name: provide the name of the object (or file) in GCP Storage; if it contains Unicode characters, prepare to base64 encode the object name and prepend with ‘base64’
  3. JSON Credential File: provide the service account credential for Google Cloud (stored in a JSON File)

For more information on how you can leverage our low-code (and no-code) Scan Cloud Storage APIs, please do not hesitate to contact a member of our sales team.

800 free API calls/month, with no expiration

Get started now! or Sign in with Google

Questions? We'll be your guide.

Contact Sales