Skip to main content

Malware Scanning

Security Requirement Statement​

Uploaded files must be scanned for malware before being accepted onto the platform.

Control Classification​

  • Timing Control Category: Preventive
  • Nature Control Category: Technical
  • Status: Identified
  • Date Identified: 2025-10-29
  • Date First Implemented: TBD
  • Date Last Reviewed: 2025-10-29
  • Date Retired: N/A

Current Azure Blob Storage Integration:

  • Files uploaded directly to Azure Blob Storage using SAS tokens (valet keys)
  • Microsoft Defender for Storage automatically scans uploaded blobs
  • Post-upload scanning with malicious file deletion and version rollback
  • Blob versioning enforced to support rollback to previous clean versions

Edgescan Integration (Planned):

  • Automated vulnerability scanning for application-level security
  • Manual penetration testing services for comprehensive security assessment
  • Continuous monitoring for emerging threats and vulnerabilities

Compensating Controls​

  • Client-side file validation (type, size, dimensions) before upload
  • Blob versioning with automatic rollback to previous clean versions
  • Short-lived SAS tokens with time-bound access restrictions
  • File type restrictions (JPEG, PNG for images; specific formats for documents)
  • Size limitations (2MB max for profile images)
  • Quarantine period where files exist but aren't immediately accessible

Context and Problem Statement​

ShareThrift allows users to upload various file types including profile photos, listing images, and potentially documents. The platform uses Azure Blob Storage for file storage with direct client uploads for performance and scalability.

Current File Upload Capabilities:

  • Profile Images: JPEG/PNG format, 2MB maximum size
  • Listing Photos: Multiple images per listing stored in Azure Blob Storage
  • Direct Upload Flow: Frontend → SAS token request → Direct Azure upload → Backend processing

Security Challenges:

  • Files temporarily exist in storage before malware scanning completes
  • Potential bypass of client-side restrictions by sophisticated users
  • Risk of malicious file uploads affecting platform integrity
  • Need for immediate response to detected threats

Success Criteria​

  • Zero malicious files successfully stored long-term in platform storage
  • <1 minute scanning time for uploaded files before availability
  • 99.9% uptime for file upload and scanning services
  • Automatic remediation (delete/rollback) for 100% of detected threats
  • Integration with existing Azure Blob Storage and SAS token infrastructure
  • Successful Edgescan vulnerability assessments with no critical findings
  • Compliance with file storage retention policies (profile images indefinite, listing images tied to listing lifecycle)
  • Performance impact <5% on upload times due to security measures