Malware Scanning Application Programming Interface (AMSI)

An Application Programming Interface (API) allows programs to communicate with each other. APIs are commonly used in web applications, mobile devices, and IoT systems. These types of digital systems are prone to malware attacks that can cause security incidents.

The Malware Scanning Application Programming Interface (AMSI) enables developers to integrate malware scanning capabilities into their applications and workflows to protect data from malicious content. It aims to reduce risk by identifying and alerting on malware when files are uploaded to storage. This feature is ideal for organizations that need to fulfill compliance and security requirements by scanning untrusted content before it can be stored in their environment.

Empowering Your Defenses: Harnessing the Potential of the Malware Scanning Application Programming Interface (API)

AMSI is designed to be as simple to enable as possible and requires no changes to existing code. It can scan any type of blob, up to a maximum file size limit of 2 GB. It is highly scalable and can be used across multiple storage accounts or subscriptions. It can also be integrated into CI/CD pipelines for continuous and accurate scanning that can help to detect runtime vulnerabilities, personal identifying information exposures, and malware across modern web or API applications.

To enable AMSI, you must have the Storage Data Scanner role assigned to an Azure storage account. The AMSI service uses reading and indexing operations to scan your data, and the malware scanning status is recorded in the blob index tag. The blob index tag also supports event logging to help with investigation and automation.

Leave a Reply

Your email address will not be published. Required fields are marked *