SweetOps #security for May, 2022

Archive: https://archive.sweetops.com/security/

2022-05-09

james

03:01:32 PM

does anyone have a preferred solution for scanning user-uploaded files in AWS? edit: virus scanning

Grummfy

03:08:59 PM

there is some solution in the marketplace for it, but I’m also thinking to it so I’m intrested by your resulats

james

03:15:44 PM

yeah I turned up this after some brief googling, does anyone have experience with it?

AWS Marketplace: bucketAV - Antivirus for Amazon S3 - previously VirusScan for Amazon S3 attachment image

james

03:16:37 PM

also, we’re using Rails, might be some solution there instead

Jonathan Le

10:55:17 PM

https://bucketav.com/

Antivirus protection for Amazon S3 buckets attachment image

Scan your S3 buckets for viruses, worms, and trojans. bucketAV detects malware in real-time or on-demand.

yegorski

09:30:27 PM

Users of our web console are able uploads files which go to S3. Before they land in the bucket we use ClamV in a lambda to scan the file. Here is a guide that looks familiar though it might not be exactly what we did https://aws.amazon.com/blogs/developer/virus-scan-s3-buckets-with-a-serverless-clamav-based-cdk-construct/

Virus scan S3 buckets with a serverless ClamAV based CDK construct | Amazon Web Services attachment image

Edit: March 10th 2022 – Updated post to use AWS Cloud Development Kit (CDK) v2. Protecting systems from malware is an essential part of a systems protection strategy. It is important to both scan binaries and other files before introducing them into your system boundary and appropriately respond to potential threats in accordance to your […]