{"id":226,"date":"2023-04-02T21:13:41","date_gmt":"2023-04-02T19:13:41","guid":{"rendered":"https:\/\/www.jussimetso.com\/?p=226"},"modified":"2023-04-02T23:25:17","modified_gmt":"2023-04-02T21:25:17","slug":"defender-for-storage-antimalware-scanning","status":"publish","type":"post","link":"https:\/\/www.jussimetso.com\/index.php\/2023\/04\/02\/defender-for-storage-antimalware-scanning\/","title":{"rendered":"Defender for Storage &#8211; Antimalware Scanning"},"content":{"rendered":"<div id=\"bsf_rt_marker\"><\/div>\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"226\" class=\"elementor elementor-226\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-17a4167 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"17a4167\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-79c2f11\" data-id=\"79c2f11\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-6db5cec elementor-toc--minimized-on-tablet elementor-widget elementor-widget-table-of-contents\" data-id=\"6db5cec\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;exclude_headings_by_selector&quot;:[],&quot;headings_by_tags&quot;:[&quot;h2&quot;,&quot;h3&quot;,&quot;h4&quot;,&quot;h5&quot;,&quot;h6&quot;],&quot;marker_view&quot;:&quot;numbers&quot;,&quot;no_headings_message&quot;:&quot;No headings were found on this page.&quot;,&quot;minimize_box&quot;:&quot;yes&quot;,&quot;minimized_on&quot;:&quot;tablet&quot;,&quot;hierarchical_view&quot;:&quot;yes&quot;,&quot;min_height&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:&quot;&quot;,&quot;sizes&quot;:[]},&quot;min_height_tablet&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:&quot;&quot;,&quot;sizes&quot;:[]},&quot;min_height_mobile&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:&quot;&quot;,&quot;sizes&quot;:[]}}\" data-widget_type=\"table-of-contents.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div class=\"elementor-toc__header\">\n\t\t\t\t\t\t<h4 class=\"elementor-toc__header-title\">\n\t\t\t\tTable of Contents\t\t\t<\/h4>\n\t\t\t\t\t\t\t\t\t\t<div class=\"elementor-toc__toggle-button elementor-toc__toggle-button--expand\" role=\"button\" tabindex=\"0\" aria-controls=\"elementor-toc__6db5cec\" aria-expanded=\"true\" aria-label=\"Open table of contents\"><i aria-hidden=\"true\" class=\"fas fa-chevron-down\"><\/i><\/div>\n\t\t\t\t<div class=\"elementor-toc__toggle-button elementor-toc__toggle-button--collapse\" role=\"button\" tabindex=\"0\" aria-controls=\"elementor-toc__6db5cec\" aria-expanded=\"true\" aria-label=\"Close table of contents\"><i aria-hidden=\"true\" class=\"fas fa-chevron-up\"><\/i><\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<div id=\"elementor-toc__6db5cec\" class=\"elementor-toc__body\">\n\t\t\t<div class=\"elementor-toc__spinner-container\">\n\t\t\t\t<i class=\"elementor-toc__spinner eicon-animation-spin eicon-loading\" aria-hidden=\"true\"><\/i>\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-df0d871 elementor-widget elementor-widget-heading\" data-id=\"df0d871\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">What is Antimalware scanning for storage accounts?<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0d12a56 elementor-widget elementor-widget-text-editor\" data-id=\"0d12a56\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Microsoft Defender for Storage Antimalware Scanning does built-in, near real-time, full antimalware scanning of\u00a0content uploaded to a protected storage account.<\/p><p>Storage accounts can be a malware entry point into the organization and a malware distribution point. To protect\u00a0storage accounts from this threat, content must be scanned for malware before it is accessed from the storage\u00a0account.\u00a0<\/p><p>There is no easy way of doing that today, and therefore many accounts remain vulnerable. As a result, the\u00a0threat of malware in storage accounts is considered a top threat by customers, security analysts, and regulators.<\/p><p>The Malware Scanning capability is an agentless SaaS solution that allows simple setup at scale, with zero maintenance, and supports automating response at scale.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-a4f427c elementor-widget elementor-widget-image\" data-id=\"a4f427c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img fetchpriority=\"high\" decoding=\"async\" width=\"640\" height=\"343\" src=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware-scanning.png?fit=640%2C343&amp;ssl=1\" class=\"attachment-large size-large wp-image-265\" alt=\"Defender for Storage antimalware scanning\" srcset=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware-scanning.png?w=2000&amp;ssl=1 2000w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware-scanning.png?resize=300%2C161&amp;ssl=1 300w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware-scanning.png?resize=1024%2C548&amp;ssl=1 1024w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware-scanning.png?resize=768%2C411&amp;ssl=1 768w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware-scanning.png?resize=1536%2C823&amp;ssl=1 1536w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware-scanning.png?resize=850%2C455&amp;ssl=1 850w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware-scanning.png?w=1280&amp;ssl=1 1280w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware-scanning.png?w=1920&amp;ssl=1 1920w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-fe745f1 elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"fe745f1\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-270ccac elementor-widget elementor-widget-heading\" data-id=\"270ccac\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Common use-scenarios<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-fa50ee8 elementor-widget elementor-widget-text-editor\" data-id=\"fa50ee8\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<ul><li><p>To protect storage accounts from malicious content, especially when content in the storage account is uploaded from untrusted sources (customers and partners, anonymous users, etc.)<\/p><\/li><li><p>To comply with compliance standards that require on-upload malware scanning for noncompute resources (NIST, SWIFT, UK GOV, and more), and collecting the necessary evidence for compliance audits.<\/p><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-541d44b elementor-widget elementor-widget-heading\" data-id=\"541d44b\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Limitations in Public Preview<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6459b03 elementor-widget elementor-widget-text-editor\" data-id=\"6459b03\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<ul><li>Legacy v1 storage accounts aren&#8217;t supported<\/li><li>Azure Files isn&#8217;t supported for Malware Scanning<\/li><li>Client-side encrypted blobs aren&#8217;t supported (they can&#8217;t be decrypted before scan by the service). [data encrypted at rest by CMK is supported].<\/li><li>File size limit is 2 GB<\/li><li>The \u201ccapping\u201d mechanism is currently not functional. You can set your limitations now, and they&#8217;ll set in when \u201ccapping\u201d starts working.<\/li><li>Malware Scanning scan throughput rate limit per-storage-account \u2013 2GB\/min<\/li><li>Uploading in a higher rate results in a slow-down scan \u2013 files are scanned later<\/li><li>Index tag scan result isn&#8217;t supported in storage account with Hierarchical namespace enabled (Azure Data Lake Storage Gen2)<\/li><li><a href=\"https:\/\/learn.microsoft.com\/en-us\/rest\/api\/storageservices\/understanding-block-blobs--append-blobs--and-page-blobs\" target=\"_blank\" rel=\"noopener\" data-linktype=\"absolute-path\"><span style=\"text-decoration: underline;\">Append and Page blobs<\/span><\/a>\u00a0aren&#8217;t supported for Malware Scanning.<\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-48f6ef3 elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"48f6ef3\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e03c842 elementor-widget elementor-widget-heading\" data-id=\"e03c842\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Setup for Malware protection<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-a3069c2 elementor-widget elementor-widget-heading\" data-id=\"a3069c2\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">Networking configuration<\/h4>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-aab49e6 elementor-widget elementor-widget-text-editor\" data-id=\"aab49e6\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Malware Scanning supports storage accounts with \u201cNetworking\u201d &gt; \u201cPublic network access\u201d enabled, either from all networks or from selected virtual networks. Malware Scanning is not supported for storage accounts with \u201cPublic network access\u201d set to disabled.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3d6277d elementor-widget elementor-widget-image\" data-id=\"3d6277d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"300\" height=\"215\" src=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_network.png?fit=300%2C215&amp;ssl=1\" class=\"attachment-medium size-medium wp-image-267\" alt=\"\" srcset=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_network.png?w=772&amp;ssl=1 772w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_network.png?resize=300%2C215&amp;ssl=1 300w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_network.png?resize=768%2C551&amp;ssl=1 768w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-da80ec3 elementor-widget elementor-widget-heading\" data-id=\"da80ec3\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">Permissions<\/h4>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5a7630d elementor-widget elementor-widget-text-editor\" data-id=\"5a7630d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>To enable and configure Malware Scanning, you must have Owner roles like <strong><em>Subscription Owner<\/em><\/strong> or <strong><em>Storage Account Owner<\/em><\/strong> or your own spesific <span style=\"text-decoration: underline;\"><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/defender-for-cloud\/support-matrix-defender-for-storage\" target=\"_blank\" rel=\"noopener\">roles<\/a> <\/span>for storage accounts.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b30bd4e elementor-widget elementor-widget-heading\" data-id=\"b30bd4e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">Event Grid resource provider<\/h4>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5452f2c elementor-widget elementor-widget-text-editor\" data-id=\"5452f2c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Event Grid resource provider must be registered to be able to create the Event Grid System Topic used for detect upload triggers. Follow\u00a0<a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/event-grid\/blob-event-quickstart-portal#register-the-event-grid-resource-provider\" data-linktype=\"relative-path\">t<span style=\"text-decoration: underline;\">hese steps<\/span><\/a>\u00a0to verify Event Grid is registered on your subscription.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-a648bad elementor-widget elementor-widget-image\" data-id=\"a648bad\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"640\" height=\"181\" src=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_evetgird.png?fit=640%2C181&amp;ssl=1\" class=\"attachment-large size-large wp-image-272\" alt=\"\" srcset=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_evetgird.png?w=1582&amp;ssl=1 1582w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_evetgird.png?resize=300%2C85&amp;ssl=1 300w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_evetgird.png?resize=1024%2C289&amp;ssl=1 1024w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_evetgird.png?resize=768%2C217&amp;ssl=1 768w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_evetgird.png?resize=1536%2C434&amp;ssl=1 1536w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_evetgird.png?resize=850%2C240&amp;ssl=1 850w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_evetgird.png?w=1280&amp;ssl=1 1280w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/>\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">You must have permission to the \/register\/action operation for the resource provider. This permission is included in the Contributor and Owner roles.<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4903af1 elementor-widget elementor-widget-heading\" data-id=\"4903af1\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Setup Microsoft Defender for Storage<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b257b50 elementor-widget elementor-widget-text-editor\" data-id=\"b257b50\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>I recommend that you enable Defender for Storage on the subscription level. Doing so ensures all storage accounts in the subscription will be protected, including future ones.<\/p><p>First, navigate to Defender for Cloud and select &#8220;<strong>Environment Settings<\/strong>&#8221; under Management section and click the wanted subcsription.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3bed84e elementor-widget elementor-widget-image\" data-id=\"3bed84e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"640\" height=\"72\" src=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/subscription_selection.png?fit=640%2C72&amp;ssl=1\" class=\"attachment-large size-large wp-image-271\" alt=\"\" srcset=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/subscription_selection.png?w=1673&amp;ssl=1 1673w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/subscription_selection.png?resize=300%2C34&amp;ssl=1 300w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/subscription_selection.png?resize=1024%2C115&amp;ssl=1 1024w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/subscription_selection.png?resize=768%2C86&amp;ssl=1 768w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/subscription_selection.png?resize=1536%2C173&amp;ssl=1 1536w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/subscription_selection.png?resize=850%2C96&amp;ssl=1 850w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/subscription_selection.png?w=1280&amp;ssl=1 1280w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9d21314 elementor-widget elementor-widget-text-editor\" data-id=\"9d21314\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Now enable Defender for Storage plan<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-142599a elementor-widget elementor-widget-image\" data-id=\"142599a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"640\" height=\"29\" src=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/storage_plan.png?fit=640%2C29&amp;ssl=1\" class=\"attachment-large size-large wp-image-270\" alt=\"\" srcset=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/storage_plan.png?w=1855&amp;ssl=1 1855w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/storage_plan.png?resize=300%2C14&amp;ssl=1 300w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/storage_plan.png?resize=1024%2C47&amp;ssl=1 1024w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/storage_plan.png?resize=768%2C36&amp;ssl=1 768w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/storage_plan.png?resize=1536%2C71&amp;ssl=1 1536w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/storage_plan.png?resize=850%2C39&amp;ssl=1 850w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/storage_plan.png?w=1280&amp;ssl=1 1280w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e193141 elementor-widget elementor-widget-text-editor\" data-id=\"e193141\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Microsoft Defender for Storage is now enabled for this subscription, and is fully protected, including on-upload malware scanning and sensitive data threat detection.<\/p><p>If you want to turn off the\u00a0<strong>On-upload malware scanning<\/strong>\u00a0or\u00a0<strong>Sensitive data threat detection<\/strong>, you can select\u00a0<strong>Settings<\/strong>\u00a0and change the status of the relevant feature to Off.<\/p><p>There&#8217;s no <strong>Settings<\/strong> in my photo below but it will be displayed under <strong>Full<\/strong>-word.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2287966 elementor-widget elementor-widget-image\" data-id=\"2287966\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"640\" height=\"194\" src=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_env_settings-1.png?fit=640%2C194&amp;ssl=1\" class=\"attachment-large size-large wp-image-275\" alt=\"\" srcset=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_env_settings-1.png?w=2599&amp;ssl=1 2599w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_env_settings-1.png?resize=300%2C91&amp;ssl=1 300w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_env_settings-1.png?resize=1024%2C310&amp;ssl=1 1024w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_env_settings-1.png?resize=768%2C232&amp;ssl=1 768w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_env_settings-1.png?resize=1536%2C465&amp;ssl=1 1536w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_env_settings-1.png?resize=2048%2C619&amp;ssl=1 2048w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_env_settings-1.png?resize=850%2C257&amp;ssl=1 850w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_env_settings-1.png?w=1280&amp;ssl=1 1280w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_env_settings-1.png?w=1920&amp;ssl=1 1920w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-a6f01e0 elementor-widget elementor-widget-text-editor\" data-id=\"a6f01e0\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>You can see all addiotional settings from <strong>Settings &amp; monitoring<\/strong> blade.<\/p><p>Enter to this blade is done by clicking the <strong>Settings &amp; monitoring<\/strong> link from the Defender for Cloud plan page:<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c6df638 elementor-widget elementor-widget-image\" data-id=\"c6df638\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"640\" height=\"191\" src=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/dfc_settings_monitoring.png?fit=640%2C191&amp;ssl=1\" class=\"attachment-medium_large size-medium_large wp-image-274\" alt=\"\" srcset=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/dfc_settings_monitoring.png?w=958&amp;ssl=1 958w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/dfc_settings_monitoring.png?resize=300%2C90&amp;ssl=1 300w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/dfc_settings_monitoring.png?resize=768%2C229&amp;ssl=1 768w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/dfc_settings_monitoring.png?resize=850%2C254&amp;ssl=1 850w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-887dc3d elementor-widget elementor-widget-text-editor\" data-id=\"887dc3d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>It is also possible to enable and configure Defender for Storage<\/p><p>with <a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/storage\/common\/azure-defender-storage-configure?tabs=enable-subscription#enable-and-configure-at-scale-with-an-azure-built-in-policy\" target=\"_blank\" rel=\"noopener\"><span style=\"text-decoration: underline;\">Azure Policy<\/span><\/a><\/p><p>with <span style=\"text-decoration: underline;\"><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/storage\/common\/azure-defender-storage-configure?tabs=enable-subscription#enable-and-configure-with-iac-templates\" target=\"_blank\" rel=\"noopener\">IaC templates<\/a><\/span><\/p><p>with <a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/storage\/common\/azure-defender-storage-configure?tabs=enable-subscription#arm-template\" target=\"_blank\" rel=\"noopener\"><span style=\"text-decoration: underline;\">ARM template<\/span><\/a><\/p><p>and with <span style=\"text-decoration: underline;\"><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/storage\/common\/azure-defender-storage-configure?tabs=enable-subscription#enable-and-configure-with-rest-api\" target=\"_blank\" rel=\"noopener\">REST API<\/a><\/span><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1107304 elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"1107304\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3bbfeda elementor-widget elementor-widget-heading\" data-id=\"3bbfeda\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Malware scan results <\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0be3373 elementor-widget elementor-widget-heading\" data-id=\"0be3373\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Blob scan<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c36e7eb elementor-widget elementor-widget-text-editor\" data-id=\"c36e7eb\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>I tried malware scan by uploading EICAR test file to the storage account&#8217;s blob container.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3944cb3 elementor-widget elementor-widget-image\" data-id=\"3944cb3\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"640\" height=\"142\" src=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_blob.png?fit=640%2C142&amp;ssl=1\" class=\"attachment-large size-large wp-image-280\" alt=\"\" srcset=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_blob.png?w=1238&amp;ssl=1 1238w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_blob.png?resize=300%2C66&amp;ssl=1 300w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_blob.png?resize=1024%2C227&amp;ssl=1 1024w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_blob.png?resize=768%2C170&amp;ssl=1 768w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_blob.png?resize=850%2C188&amp;ssl=1 850w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-64b1b73 elementor-widget elementor-widget-text-editor\" data-id=\"64b1b73\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><span style=\"text-decoration: underline;\"><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/storage\/blobs\/storage-blob-index-how-to\" data-linktype=\"relative-path\">Blob index tags<\/a><\/span>\u00a0are metadata fields on a blob. They categorize data in your storage account using key-value tag attributes. These tags are automatically indexed and exposed as a searchable multi-dimensional index to easily find data. The scan results are concise, displaying\u00a0<strong>Malware Scanning scan result<\/strong>\u00a0and\u00a0<strong>Malware Scanning scan time UTC<\/strong>\u00a0in the blob metadata. Other result types (alerts, events, logs) provide more information on the malware type and file upload operation.<\/p><p>More info of <span style=\"text-decoration: underline;\"><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/defender-for-cloud\/defender-for-storage-malware-scan#blob-index-tags\" target=\"_blank\" rel=\"noopener\">Malware\u00a0 Scanning\u00a0 Index Tag Keys<\/a><\/span>.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-016e881 elementor-widget elementor-widget-heading\" data-id=\"016e881\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Defender for Cloud security alerts<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1ed08ee elementor-widget elementor-widget-text-editor\" data-id=\"1ed08ee\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>When a malicious file is detected, Microsoft Defender for Cloud generates a<span style=\"text-decoration: underline;\">\u00a0<a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/defender-for-cloud\/alerts-overview#what-are-security-alerts\" target=\"_blank\" rel=\"noopener\" data-linktype=\"relative-path\">Microsoft Defender for Cloud security alert<\/a><\/span>. To see the alert, go to\u00a0<strong>Microsoft Defender for Cloud<\/strong>\u00a0security alerts. The security alert contains details and context on the file, the malware type, and recommended investigation and remediation steps.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-19173a9 elementor-widget elementor-widget-image\" data-id=\"19173a9\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"241\" height=\"300\" src=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_security_alert2.png?fit=241%2C300&amp;ssl=1\" class=\"attachment-medium size-medium wp-image-277\" alt=\"\" srcset=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_security_alert2.png?w=780&amp;ssl=1 780w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_security_alert2.png?resize=241%2C300&amp;ssl=1 241w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_security_alert2.png?resize=768%2C955&amp;ssl=1 768w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_security_alert2.png?resize=300%2C373&amp;ssl=1 300w\" sizes=\"(max-width: 241px) 100vw, 241px\" \/>\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Security alert details 1<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7e0d173 elementor-widget elementor-widget-image\" data-id=\"7e0d173\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"640\" height=\"601\" src=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_security_alert3_details.png?fit=640%2C601&amp;ssl=1\" class=\"attachment-large size-large wp-image-279\" alt=\"\" srcset=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_security_alert3_details.png?w=1393&amp;ssl=1 1393w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_security_alert3_details.png?resize=300%2C282&amp;ssl=1 300w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_security_alert3_details.png?resize=1024%2C962&amp;ssl=1 1024w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_security_alert3_details.png?resize=768%2C721&amp;ssl=1 768w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_security_alert3_details.png?resize=850%2C798&amp;ssl=1 850w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_security_alert3_details.png?w=1280&amp;ssl=1 1280w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/>\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Security alert details 2<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-a28d2db elementor-widget elementor-widget-image\" data-id=\"a28d2db\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"640\" height=\"679\" src=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_security_alert3_actions.png?fit=640%2C679&amp;ssl=1\" class=\"attachment-large size-large wp-image-278\" alt=\"\" srcset=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_security_alert3_actions.png?w=1367&amp;ssl=1 1367w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_security_alert3_actions.png?resize=283%2C300&amp;ssl=1 283w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_security_alert3_actions.png?resize=965%2C1024&amp;ssl=1 965w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_security_alert3_actions.png?resize=768%2C815&amp;ssl=1 768w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_security_alert3_actions.png?resize=300%2C318&amp;ssl=1 300w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_security_alert3_actions.png?resize=850%2C902&amp;ssl=1 850w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/malware_security_alert3_actions.png?w=1280&amp;ssl=1 1280w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/>\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Security alert potential actions<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1387d23 elementor-widget elementor-widget-heading\" data-id=\"1387d23\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Event Grid event<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3d3fd73 elementor-widget elementor-widget-text-editor\" data-id=\"3d3fd73\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Event Grid is useful for event-driven automation. It&#8217;s the fastest method to get results with minimum latency in a form of events that you can use for automating response.<\/p><p>Events from Event Grid custom topics can be consumed with multiple endpoint types. The most useful for Malware Scanning scenarios are:<\/p><ul><li>Function App (previously called Azure Function) \u2013 use a serverless function to run code for automated response like move, delete or quarantine.<\/li><li>Web Hook \u2013 to connect an application.<\/li><li>Event Hubs &amp; Service Bus Queue \u2013 to notify downstream consumers.<\/li><\/ul><p>For each scan result, an event is sent using the below schema where the\u00a0<code>&lt;scanResultType&gt;<\/code>\u00a0field contains the scan result of the uploaded blob\u00a0<code>&lt;blobUri&gt;<\/code>\u00a0and are used as part of your response automation logic.<\/p><p>Learn more about\u00a0<a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/event-grid\/create-view-manage-system-topics\" target=\"_blank\" rel=\"noopener\"><span style=\"text-decoration: underline;\">setting up Event Grid<\/span><\/a>.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6d8a90a elementor-widget elementor-widget-heading\" data-id=\"6d8a90a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Logs Analytics<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-37b2016 elementor-widget elementor-widget-text-editor\" data-id=\"37b2016\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>It is also possible to log your scan results for compliance evidence or investigating scan results.<\/p><p>By setting up a Log Analytics Workspace destination, you can store every scan result in a centralized log repository that is easy to query.<\/p><p>You can view the results by navigating to the Log Analytics destination workspace and looking for the\u00a0<strong>StorageAntimalwareScanResults<\/strong>\u00a0table.<\/p><p>Learn more about\u00a0<span style=\"text-decoration: underline;\"><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/azure-monitor\/logs\/quick-create-workspace\" target=\"_blank\" rel=\"noopener\" data-linktype=\"relative-path\">setting up Log Analytics results<\/a><\/span>.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-772e9ba elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"772e9ba\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-98f72a4 elementor-widget elementor-widget-heading\" data-id=\"98f72a4\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">What does it cost?<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b19e982 elementor-widget elementor-widget-text-editor\" data-id=\"b19e982\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Malware Scanning is billed per GB scanned. To provide cost predictability, Malware Scanning supports setting a cap on the amount of GB scanned in a single month per storage account. This setting can be set at the subscription level to apply to each storage account in the subscription, or you can set it for a specific storage account.<\/p><p>The default value for each storage account is 5000GB per month, and after crossing this limit, blobs won&#8217;t be scanned (with up to a 20-GB confidence interval).<\/p><p>Learn about how to\u00a0<span style=\"text-decoration: underline;\"><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/storage\/common\/azure-defender-storage-configure#configure-malware-scanning\" target=\"_blank\" rel=\"noopener\" data-linktype=\"relative-path\">configure scan limits<\/a><\/span>.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1b000fc elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"1b000fc\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-72444f2 elementor-widget elementor-widget-heading\" data-id=\"72444f2\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Conclusion<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d97b93c elementor-widget elementor-widget-text-editor\" data-id=\"d97b93c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>When I tested this feature couple of months ago via Microsoft CCP program I was amazed how this malware scan functionality has been able to enable first to Azure storage accounts. I&#8217;m sure that customer IT \/ security department would like to know are there any malwares stored in storage accounts.\u00a0<\/p><p>My role as a Cloud Security Advisor is to advise and help customers to help with their security issues. I will definitely encourage at least test this feature.\u00a0<\/p><p>This Antimalware scan from storage accounts is the first step. There&#8217;s more to come but you need to wait.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Table of Contents What is Antimalware scanning for storage accounts? Microsoft Defender for Storage Antimalware&#8230;<\/p>\n","protected":false},"author":2,"featured_media":268,"comment_status":"open","ping_status":"open","sticky":false,"template":"elementor_theme","format":"standard","meta":{"advanced_seo_description":"","jetpack_seo_html_title":"","jetpack_seo_noindex":false,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[20],"tags":[],"class_list":["post-226","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cspm"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2023\/04\/getty_images_malware.png?fit=1272%2C349&ssl=1","jetpack_shortlink":"https:\/\/wp.me\/pes24X-3E","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.jussimetso.com\/index.php\/wp-json\/wp\/v2\/posts\/226","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.jussimetso.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.jussimetso.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.jussimetso.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.jussimetso.com\/index.php\/wp-json\/wp\/v2\/comments?post=226"}],"version-history":[{"count":0,"href":"https:\/\/www.jussimetso.com\/index.php\/wp-json\/wp\/v2\/posts\/226\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.jussimetso.com\/index.php\/wp-json\/wp\/v2\/media\/268"}],"wp:attachment":[{"href":"https:\/\/www.jussimetso.com\/index.php\/wp-json\/wp\/v2\/media?parent=226"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.jussimetso.com\/index.php\/wp-json\/wp\/v2\/categories?post=226"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.jussimetso.com\/index.php\/wp-json\/wp\/v2\/tags?post=226"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}