Antivirus Protection for Objects & Files in Cloud Storage

Detect and manage advanced threats in your cloud-native application workflows and data ingestion pipelines 

Read our Case Studies

Cloud-delivered malware is increasing - 68% of all malware downloads were delivered from cloud apps in 2Q2021 - an all time high! Of cloud-delivered malware, 66.4% was delivered using cloud storage apps

Source: Netskope Cloud and Threat Report: July 2021 Edition

Prevent threats from infecting cloud storage containers and reduce the risk of sharing malware with others

If a customer, partner, or internal user downloads and opens an infected file from a cloud application, it can create a major negative impact. Not only does it cause real harm to the recipient’s ability to function, it also causes the organization that allowed the file to be shared reputational risk, loss of customers, and lost revenue.  To minimize these risks, it’s critical that all objects are directly scanned.

In line with Cloud Provider shared responsibility models, it's up to the organization to manage data security. 

 

Top 6 Benefits

Malware Prevention

Protection from

Malware and Viruses

 Scanning all files protects downstream users from malware, viruses, worms, trojans and more

Target

Defense Against

Data Breaches 

Visibility into permissions and policies across all containers means secure and insecure configurations are quickly identified

Compliance Assurance

Compliance

Assurance

Scheduled scans and scanning agents meet service level agreements for threat prevention and compliance frameworks

PIggy Bank

Only Pay for What
You Need

 Competitive pricing and a simple solution keeps this security tool well within the budget

Defense Againts Data Breach

Automated Security Assurance

Proof of data protections and controls that can be shared with executive teams, auditors, and customers

Thumbs up

Maintain Reputation with Minimal Effort

An easy-to-use added layer of security prevents costly and embarrassing infection transmissions as well as service disruptions

Cloudcheckr

"Cloud Storage Security helps CloudCheckr reduce security reviews from two days to 60 minutes by actively scanning terabytes of data across multiple AWS accounts and presenting issues in a single dashboard that easily displays issues that we need to investigate."

 

- Bob Pease, Chief Architect, CloudCheckr

Use Case: CloudCheckr Reduces Security Review Time

CloudCheckr is a cloud management solution that unifies IT, security, and finance teams by providing insights, automation, and governance. As an AWS Partner Network (APN) Advanced Technology Partner, maintaining security is critical for the company. CloudCheckr needed a solution to help secure external data ingested and stored within the Amazon S3 buckets for its platform.

CloudCheckr chose Cloud Storage Security’s real-time file scanning service — Antivirus for Amazon S3 — for public cloud object storage. Antivirus for Amazon S3's centralized dashboard allows CloudCheckr to reduce security review time from two days to one hour by displaying multiple application data sets in one place. Antivirus for Amazon S3's flexible security features, along with centralized dashboards, assures CloudCheckr that data from outside sources is free from any threats.

News | Cloud Storage Security

In Remembrance of Ed Casmer

Read More

How it Works

Near Immediate Visibility &
Management of Malware

Choose from three industry-leading scanning engines to detect malicious files, or use multiple engines at once. 

The combination of all three engines can scan objects of almost infinite size and type and ensures the most accurate and thorough findings.

 

CrowdStrike

Premium scanning engine powered by machine learning (ML)
  • Max file size: 20 MB
  • Speed: Average scan time typically below 500ms
  • Vendor updates: 3 / year
  • Type: Signature-less, machine learning
  • API endpoint: Yes

Sophos

Premium scanning engine

  • Max file size: All file sizes
  • Speed: Fast
  • Agent checks: Every 15 minutes
  • Vendor updates: ~4 / day
  • Type: Signature based
  • API endpoint: Yes

 

ClamAV

Open source scanning engine

  • Max file size: 2 GB
  • Speed: Moderate
  • Agent checks: Every hour
  • Vendor updates: 1 / day
  • Type: Signature based
  • API endpoint: No

Detect and manage infected files using one of three scanning models: 

  • API - scans files as they are uploaded, before they are written
  • Event - scans new data in near real time when dropped into protected storage service (S3, WorkDocs, EBS, EFS)
  • Retro - scans existing objects on demand or via schedule*

Choosing the correct scanning model for your application workflow ensures that there is no disruption in service when an infected file is identified.

The combination of all three virus detection engines results in an agent that can scan objects of all file sizes and types.

Automatically turn on event-based protection for a bucket when it is created using our bucket auto protect tag key.

Tag, delete, or quarantine infected files automatically based on user-defined policies.

Problem files that require additional analysis can be sent to a dedicated slice of the Sophos Cloud Sandbox for detonation. Both Static and Dynamic Analysis is available.

 

The Dashboard within the solution itself is a great resource from which to monitor the environment.

When you are not in front of the console, get notified via Slack or email.  

Antivirus for Amazon S3 includes AWS Security Hub, Amazon Cloudwatch, Amazon EventBridge, Amazon EventTrail  and Amazon Simple Notification Service (SNS) integrations.

Working on Computer
CSS - AWS & Azure

Multi-Cloud Support

Manage and protect multiple accounts, regions, and buckets from an easy to use centralized console. With strategic partnerships with AWS and Microsoft, we provide malware scanning for:

  • Amazon S3, Amazon WorkDocs, Amazon EFS and Amazon EBS via Antivirus for Amazon S3 
  • Microsoft Azure Blob Storage via Antivirus for Azure Blob (coming soon)

 

Ridiculously Easy & Secure
Installation & Deployment

  • Runs in tenant for added security — data never leaves the account
  • Is serverless

  • Installs in minutes

  • Auto discovers all containers

  • Seamlessly integrates into your Security Operation Center

Deployment rocketship 2

Customers Love Us and You Will Too

 

Nice and easy solution! A/V scanning for my S3 bucket was a security hole that I needed to plug. After looking through all of the options on the AWS Marketplace. I decided to go with this one. I like how easy it was to get up and running and it did what it was supposed to do. I also like how the company stands behind its product and asks for feedback on how to make it better. Roy C. | Sep 22, 2021 | Review Verified
Great Product and great customer service. Cloud Storage Security product had the exact features we were looking for. [1] automatic scanning of objects into S3 buckets. [2] the ability to use multiple AV engines. [3] auditing on all scanned objects. Their customer service is also outstanding. We had an edge case that they were willing to work with us on during the 30 day trial. They were able to quickly provide a patch to support our edge case. Otus | Sep 20, 2021 | Review Verified
Problem solved! We needed a solution to perform the virus scan to our uploads in our S3 buckets. But there is no native or out-of-box solution from AWS services. However, we are really glad that we found this solution, the documentation is good and our developers were able to set up everything in just several hours. Customer support is very helpful too. Anon | Aug 25, 2021 | Review Verified
Access Additonal Reviews

Begin a Free Trial of Antivirus for Amazon S3 in AWS Marketplace

Commercial Free Trial (PAYG)
Government Free Trial
AWS Partner Badge