3

I'm looking into using Microsoft Defender for Cloud to use with Blob Storage.

Ideally I'd like to:

  1. Upload to Storage
  2. Have Defender for cloud scan for viruses
  3. If there's an issue, remove it
  4. If there's NOT an issue, process it further.

Step 3 is easy. Workflow automation and can easily trigger such events.

The bit I can't work out is: what if the scan goes through fine?

I've looked in Logic Apps and can't find a 'successfully scanned' trigger.

logic app view for defender events

When will the scan occur? As soon as uploaded, or just on a schedule?

Is there anything I can go on (metadata?) to know a blob has been scanned and is good to go?

JsAndDotNet
  • 16,260
  • 18
  • 100
  • 123

1 Answers1

2

Microsoft Defender for Storage does not currently scan uploaded files. You can read more about this here. This being the case you cannot accomplish what you are are trying to do with the current offering. You have a couple of options:

  1. Wait for the release of the malware scanning feature (this is in the works)
  2. Use something like this
Yoav Frandzel
  • 66
  • 4