Virus Scanners

Ensuring secure file uploads is essential to protect companies from potential threats. Risk Ledger prioritizes supply chain security, and part of that involves scanning uploaded files for viruses and malware to safeguard our platform. Here, we’ll explain how we approach virus scanning to keep our platform secure.

Understanding the Risk of File Uploads

When suppliers share security evidence, the risk of uploading malicious files arises. This can create an attack vector where one company unknowingly infects another. Checking file extensions or MIME types alone doesn’t provide full protection, so we implement additional layers of security.

Limiting File Types

Limiting the types of files that can be uploaded is the first step in our approach. By restricting executable files, we minimize potential attacks. We generally accept common file types such as documents, spreadsheets, and images. However, relying solely on permitted file types isn’t sufficient. Attackers can disguise executable files using MIME type spoofing, where a file appears harmless but is actually a threat. To address this, we treat MIME type checks as a guideline rather than a final verdict for security.

Using ClamAV for Virus Scanning

To ensure uploaded files are safe, we use ClamAV, an open-source antivirus tool. Every uploaded file is scanned using this system before becoming accessible. If a virus is detected, the file is blocked, and users are notified. This process happens in the background within seconds, providing seamless security without user interruption.

Building a Scalable File Processing Pipeline

As we continue to grow, ensuring our file scanning process scales effectively is crucial. We’ve designed an event-based architecture that allows our services to handle file uploads efficiently. AWS S3 is central to our solution, using presigned URLs to ensure only authorized users can upload and download files. After an upload, an S3 event triggers our processing pipeline. The file is scanned by ClamAV, and its status is updated in real time. This scalable architecture allows us to increase antivirus scanning capacity as needed, ensuring fast and reliable file processing.

Handling Delays and Errors

In most cases, scanning is completed almost immediately. However, larger files or network interruptions can cause delays. To manage this, we use polling to update the user interface when a file has finished processing. This provides a seamless user experience without the need for complex technologies like WebSockets. If a file fails to process correctly, it is flagged, and users are prevented from accessing it.
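
The flow described in the sections above, as an added example that is not Risk Ledger's own code: an S3 upload event is scanned through clamd's INSTREAM command, and the file unlocks only on a clean verdict. The clamd endpoint, the status names, and the `fetch` and `statuses` parameters are assumptions made for illustration.

```python
import socket
import struct
from urllib.parse import unquote_plus

# Hypothetical status names; the page does not say how statuses are stored.
PENDING, CLEAN, INFECTED, FAILED = "pending", "clean", "infected", "failed"

def clamd_instream(data, host="127.0.0.1", port=3310, timeout=30):
    """Stream bytes to a clamd daemon (assumed endpoint) and return its reply."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(b"zINSTREAM\0")
        for i in range(0, len(data), 8192):
            chunk = data[i:i + 8192]
            # Each chunk is prefixed with its length, 4 bytes big-endian.
            s.sendall(struct.pack("!I", len(chunk)) + chunk)
        s.sendall(struct.pack("!I", 0))  # zero-length chunk ends the stream
        reply = b""
        while not reply.endswith(b"\0"):
            part = s.recv(4096)
            if not part:
                break
            reply += part
    return reply.rstrip(b"\0").decode("utf-8", "replace")

def verdict(reply):
    """Map a clamd reply to a status; anything unexpected fails closed."""
    if reply == "stream: OK":
        return CLEAN, None
    if reply.startswith("stream: ") and reply.endswith(" FOUND"):
        return INFECTED, reply[len("stream: "):-len(" FOUND")]
    return FAILED, reply  # e.g. "INSTREAM size limit exceeded. ERROR"

def handle_s3_event(event, fetch, statuses, scan=clamd_instream):
    """Process an S3 ObjectCreated event; fetch(bucket, key) returns bytes."""
    for rec in event.get("Records", []):
        bucket = rec["s3"]["bucket"]["name"]
        key = unquote_plus(rec["s3"]["object"]["key"])  # keys arrive URL-encoded
        statuses[(bucket, key)] = (PENDING, None)
        try:
            statuses[(bucket, key)] = verdict(scan(fetch(bucket, key)))
        except Exception as exc:  # timeout, clamd down, object missing
            statuses[(bucket, key)] = (FAILED, str(exc))

def may_download(statuses, bucket, key):
    """Only a clean verdict unlocks a file; pending, failed, unknown do not."""
    return statuses.get((bucket, key), (PENDING, None))[0] == CLEAN
```

A polling endpoint would read the same `statuses` store, so a file that is still pending or whose scan errored stays inaccessible until a later scan marks it clean.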

Future Enhancements

Looking ahead, we plan to enhance our file processing pipeline by adding new features. These may include generating thumbnail previews, converting documents to PDF format, or extracting key details from certificates. We aim to continuously improve our platform to provide a safer and more efficient experience for our users.

In summary, by using ClamAV and a scalable system, Risk Ledger ensures all uploaded files are scanned thoroughly, protecting our platform and users from potential threats.

UXN Records

Tuesday, Nov 19, 2024