Cloud Storage Security is always working to improve our users’ experience and we’re excited to share some of the new features and enhancements that we’ve added into Antivirus for Amazon S3 over the past few months — Cloud Detonation Analysis, Automatic Bucket Protection, Audit Logging, Multi-factor Authentication, and API Endpoint Enhancements. Plus, AWS launched upfront contract pricing for Container products and Antivirus for Amazon S3 by Cloud Storage Security was included!
Cloud Detonation Analysis
If a file is found to be infected, you may require additional analysis to verify if it is a legitimate threat. You can now send suspicious files to a cloud sandbox for detonation. The cloud detonation functionality can perform Static or Dynamic Analysis where the file is executed on a system and the outcome shared.
This new feature leverages the Sophos Cloud Sandbox for detonation and the SophosLabs Intelix Platform for the analysis of the file. Additionally, As part of the analysis you will also receive a VirusTotal report with an overview of the threat. Pricing for cloud detonation starts at $0.05 per file for static analysis and $0.50 per file for dynamic analysis.
Automatic Bucket Protection
Automatic bucket protection leverages tags on buckets to identify and automatically provision event-based scanning on buckets. Any time a bucket is discovered with the specified tag it will be protected.
Anything and everything that is done through the Management Console is now logged to a new CloudWatch Log Group for auditing messages — you can access logs by navigating to CloudWatch > Log Groups > CloudStorageSecurity.Console.AuditLogging within your console.
For more secure access you can now enable multi-factor authentication for your user account using an authenticator app such as Google Authenticator or Authy.
API Endpoint Enhancements
If you aren’t familiar with our API Driven Scanning, it is one of our scanning models which allows you to scan a file and receive the verdict before that file is written anywhere.
We have released an enhancement to the Scan API which allows you to Scan and then Upload a file to S3. You can add a new uploadTo attribute in the header that specifies a "<container> / <object-path>" like "mybucket/full-path-to-file.txt".
We also recently released a new Scan an Existing S3 Object API where you can specify the location information ("container" and "objectPath") in the header for any existing objects in your S3 environment.
Last but not least, we’re releasing a new scan by URL API, which allows you to specify the full “HTTP URL” to a file for scanning. There are many uses for this, but one in particular we think will be useful is for Amazon S3 pre-signed URLs, which are a good way to hand off objects.
New AWS Marketplace Listing
A new Self-Service “Prepaid Discount” AWS Marketplace Listing is now available where you can purchase a subscription in bulk in a discounted, prepaid fashion without having to talk to anyone. However, if you have questions or need to purchase scanning for massive amounts of data please reach out to firstname.lastname@example.org with questions or to discuss volume pricing. Check out the AWS Marketplace listing here.
Reference Antivirus for Amazon S3 Documentation for a full listing of what's new.